Category: Security

The modern digital landscape has hackers who constantly evolve their tactics, so a focus on cyber defense becomes paramount. When cyber threats loom large, businesses and individuals must remain vigilant against the ever-present danger of malware. Given the greater importance of cybersecurity as a priority for online ventures big and small, companies like Malwarebytes are leading the fight against malicious software.

Subdomains underpin the structure of the modern internet. They allow business owners to organize and integrate specific services within a website. However, the vast adoption of subdomains has made them a prime target of cybercriminals looking to exploit subdomain takeover vulnerabilities.

Whether you send transactional emails or welcome a new employee to your company, you want your messages to reach their intended audience. The internet is constantly changing, and cyberthreats evolve daily, which means that your business needs a secure email server.

You may not think much about it, but your emails go through many gateways to make it to your contact. The same goes for anyone sending messages to you. The process is called Email Authentication, and it’s crucial for all email domains. You and your business do many things to protect your privacy, but cyber threats can come from anywhere, even in your inbox. Knowing how to optimally authenticate email in your various systems is essential.

Since ancient times, people have used passwords, which are almost ubiquitous in our personal and professional lives. Though people were expected to remember their passwords as a best practice, it is practically impossible to remember hundreds of complex passwords. Therefore, people created passwords that were easy to remember and reuse across numerous accounts. However, repeated use of the same weak passwords causes data breaches and security issues.

Introduction

In this article, we provide updated information concerning the ongoing threat posed by the malware directed at Microsoft Exchange Servers noted in CVE-2021-26855. We also furnish the steps needed to update and secure your Microsoft Exchange Server. In a recent post, the Cybersecurity & Infrastructure Security Agency posted a priority security advisory regarding the recent Microsoft Exchange Server vulnerability. They state:

A new vulnerability in PHP-FPM has been noted which could lead to remote code execution on nginx. An earlier message on Twitter exposed the CVE-2019-11043 bug:

AMP for WP -Accelerated Mobile Pages allows your site to be faster for mobile visitors. Along with last week’s report, the AMP plugin has also been added to the list exploited. The AMP for WP plugin was reported on October 20, 2018, by its developers. Luckily, the newest version, 0.9.97.20, of this plugin has patched for their known security flaws. This exploit has the means of putting 100,000+ users at potential risk, so its best to check if you are utilizing this plugin. In this tutorial, we will be checking if you use this plugin. Along with updating, we will also show you how to check if your site for compromises.

There is a new exploit, rated as 7.8 severity level,  that affects major Linux distributions of RedHat Enterprise Linux, Debian 8 and CentOS on both VPS servers as well as dedicated servers, called Mutagen Astronomy. Mutagen Astronomy exploits an integer overflow vulnerability in the Linux kernel and supplies root access (admin privileges) to unauthorized users on the intended server. This exploit affects Linux kernel version dating back from July 2007 to July 2017.  Living in the kernel, the memory table can be manipulated to overflow using the create_tables_elf() function. After overwhelming the server, the hacker can then overtake the server with its malicious intents.

Overview

A security vulnerability has been discovered in the ImageMagick software suite that can potentially allow remote code execution.