Thursday, October 31, 2024

web server

Backdoor in upstream xz/liblzma Let Attackers Hack SSH Servers

A startling revelation has identified a dangerous security vulnerability in the xz compression utility, specifically within its liblzma library. This vulnerability has been found to compromise SSH server security....

Hackers Actively Hijacking ConnectWise ScreenConnect server

ConnectWise, a prominent software company, issued an urgent security bulletin on February 19, 2024, revealing two significant vulnerabilities in its self-hosted ScreenConnect servers.These vulnerabilities...

How Log Monitoring Prevents Web Attacks?

Security logging and monitoring failures feature in the OWASP Top 10 list, moving up to #9 from #10 in the 2017 list. Why so?Because...

10,890 WordPress Sites Hacked for a Massive AdSense Fraud Campaign

The cybersecurity researchers at Sucuri recently discovered a critical backdoor that has managed to infiltrate thousands of websites over the past few months.A group...

Over 15,000 Websites were Hacked to Redirect Visitors to Fake Q&A Websites

Sucuri observed hackers compromising around 15,000 websites as part of a huge black hat SEO campaign in order to redirect visitors to fake Q&A...

13-year-old Ghostcat Bug Affected Apache-Tomcat Let Hackers Remotely Inject Any Files in The Servers

Ghostcat, 13-Year old severe file inclusion vulnerability affected Apache-Tomcat server allows hackers to read or include any files in the web app directories of...