Thousands of MongoDB databases ransacked, held for ransom

The cybercriminal behind the ransom raids on almost 23,000 databases threatens to leak the data and alert GDPR regulators. An unknown cybercriminal has infiltrated 22,900 unsecured MongoDB databases, wiping their contents and leaving behind a ransom note demanding bitcoin in return for the data. If the ransom isn’t paid within two days, they threatened to … More Thousands of MongoDB databases ransacked, held for ransom

Microsoft fixes vulnerability affecting all Windows versions since 1996

Another vulnerability in the same Windows component was abused by Stuxnet a decade ago. A vulnerability in a decades-old Windows component that controls printing on machines running the operating system could be abused by malicious actors to gain elevated privileges on the targeted system, according to security researchers Yarden Shafir and Alex Ionescu. The flaw, which … More Microsoft fixes vulnerability affecting all Windows versions since 1996

Automating tasks means streamlining timelines and security for MSPs

While the world worries about a growing diversity of cyberattacks, any business worth its salt knows there are even more risks out there, such as the loss or theft of company devices, which can result in serious data privacy violations. Company devices that get out into the wild rightly cause serious concern for any business … More Automating tasks means streamlining timelines and security for MSPs

Winnti Group’s skip‑2.0: A Microsoft SQL Server backdoor

Notorious cyberespionage group debases MSSQL. For a while, ESET researchers have been tracking the activities of the Winnti Group, active since at least 2012 and responsible for high-profile supply-chain attacks against the video game and software industry. Recently, we discovered a previously undocumented backdoor targeting Microsoft SQL (MSSQL) that allows attackers to maintain a very discreet … More Winnti Group’s skip‑2.0: A Microsoft SQL Server backdoor

Critical bug found in popular mail server software

If exploited, the security hole in Exim could allow attackers to run arbitrary commands on vulnerable mail servers. Exim, the popular mail transfer agent (MTA) software, contains a critical-rated vulnerability that can, in some scenarios, enable remote attackers to run commands of their choice on unpatched mail servers, researchers from Qualys have found. Tracked under CVE-2019-10149, the remote … More Critical bug found in popular mail server software