Recent Security News
-
Bungled ransomware raid targeting WS_FTP servers demanded just 0.018 BTC
October 13, 2023 at 02:22PM Security researchers have discovered the first ransomware campaign targeting organizations using a vulnerability in Progress Software’s WS_FTP Server. The campaign, carried out by the “Reichsadler Cybercrime Group,” demanded a ransom of 0.018 Bitcoin (approximately $500) to recover encrypted files. Sophos’s product prevented the download of the ransomware payload, and patches…
-
ShellBot Cracks Linux SSH Servers, Debuts New Evasion Tactic
October 13, 2023 at 01:47PM Cyberattackers are using the ShellBot malware to target Linux SSH servers. They are now using hexadecimal IP addresses to evade detection. This new method allows them to hide their activity from behavior-based detection systems. ShellBot is a well-known botnet that compromises servers with weak SSH credentials and can be used…
-
Microsoft Debuts AI Bug-Bounty Program, Offers $15K
October 13, 2023 at 01:26PM Microsoft has introduced an AI bug-bounty program for researchers to identify vulnerabilities in its Bing generative AI chatbot and AI integrations. Rewards for eligible submissions range from $2,000 to $15,000. The program covers AI-powered Bing on bing.com, as well as integrations in Microsoft Edge, the Microsoft Start app, and Skype…
-
Microsoft plans to kill off NTLM authentication in Windows 11
October 13, 2023 at 12:50PM Microsoft has announced that the NTLM authentication protocol will be phased out in Windows 11. Kerberos has replaced NTLM as the default authentication protocol since Windows 2000. Despite being used in older versions, NTLM is still vulnerable to attacks such as relay attacks and pass-the-hash attacks. Microsoft is working on…