comparemela.com

Attacksakshaya Asokan News Today : Breaking News, Live Updates & Top Stories | Vimarsana

Exim Patches 21 Flaws in Message Transfer Agent

Exim, one of the most-used message transfer agents, has issued patches for 21 flaws that could put thousands of users at risk of attacks, researchers at security firm Qualys say. The vulnerabilities, collectively dubbed 21nails, include 11 local and 10 remote code vulnerabilities and affect all versions of Exim servers from 2004 onward, the Qualys report notes. Exim, which was informed by Qualys about the vulnerabilities in October 2020, released patches for the flaws Tuesday. "The current Exim versions - and likely older versions too - suffer from several exploitable vulnerabilities," Exim notes in an update to users. Due to several internal reasons, it took more time than usual for the Exim development team to work on these reported issues in a timely manner.

Phishing Attack Uses Fake Google reCAPTCHA

A Microsoft-themed phishing campaign is using phony Google reCAPTCHA in an attempt to steal credentials from senior employees of various organizations, a new report by security firm Zscaler says. The company says it prevented more than 2,500 phishing emails tied to the campaign.

Attack Tactics

The campaign begins with attackers sending victims phishing emails that appear to come from a unified communications system used for streamlining corporate communication. This email contains a malicious email attachment. Once the victims open the attached HTML file, they are redirected to a .xyz phishing domain which is disguised as a legitimate Google reCAPTCHA page in order to trick the users.

Microsoft Patches Windows Remote Code Flaw

Microsoft has patched a critical vulnerability in Windows that can be exploited by tricking users into visiting websites that use a malicious font. The flaw was found by Google's Project Zero bug-hunting team. Hackers can exploit the flaw to wage web-based attacks, Microsoft says. "In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerability," the company says. Hackers likely would spread links to malicious websites via phishing emails or Instant Messenger, according to Microsoft.

Plex Media Servers Used to Amplify DDoS Threats

Researchers with NetScout's Atlas Security Engineering and Response Team are warning that attackers are abusing certain versions of the Plex media server app to strengthen and amplify various DDoS attacks. The NetScout researchers believe that about 27,000 Plex media servers are vulnerable to the type of DDoS amplification attacks described in a new report. The Plex media server application works with Windows, Linux and macOS operating systems and normally lets users share video and other media with other devices. The application can also connect with other devices, such as network-attached storage devices and external RAID storage units. In the incidents that NetScout found, numerous DDoS-for-hire services were using the vulnerable Plex app to send junk traffic to targeted victims to overwhelm their networks and cause a crash.
