schwit1 shares a report from ZDNet: Cyberattackers have turned to search engine optimization (SEO) techniques to deploy malware payloads to as many victims as possible. According to Sophos, the so-called search engine “deoptimization” method includes both SEO tricks and the abuse of human psychology to push websites that have been compromised up Google’s rankings. SEO optimization is used by webmasters to…
Tag: servers
Introducing Crowdsec: a Modernized, Collaborative Massively Multiplayer Firewall
Slashdot reader b-dayyy writes: CrowdSec is a massively multiplayer firewall designed to protect Linux servers, services, containers, or virtual machines exposed on the Internet with a server-side agent. It was inspired by Fail2Ban and aims to be a modernized, collaborative version of that intrusion-prevention tool. CrowdSec is free and open-source (under an MIT License), with the source code available on GitHub….
Google’s Stadia Problem? A Video Game Unit That’s Not Googley Enough
The tech giant likes to test and tweak. Stadia promised to change the industry and failed to deliver. From a report: Google’s streaming video game service Stadia had ambitious plans to disrupt the gaming industry, which is dominated by consoles. The tech giant had planned to pack Stadia with original content, announcing two years ago that it was hiring hundreds of…
France Says Russian State Hackers Targeted IT Monitoring Firm Centreon’s Servers in Years-Long Campaign
France’s cyber-security agency said that a group of Russian military hackers, known as the Sandworm group, have been behind a three-years-long operation during which they breached the internal networks of several French entities running the Centreon IT monitoring software. From a report: The attacks were detailed in a technical report released today by Agence Nationale de la Securite des Systemes d’Information,…
After Researchers Raise Spying Concerns, Clubhouse Promises Blocks on Transmitting to Chinese Servers
“The developers of audio chat room app Clubhouse plan to add additional encryption to prevent it from transmitting pings to servers in China,” reports The Verge, “after Stanford researchers said they found vulnerabilities in its infrastructure.” In a new report, the Stanford Internet Observatory (SIO) said it confirmed that Shanghai-based company Agora Inc., which makes real-time engagement software, “supplies back-end infrastructure…
Should You Block Connections to Your Network From Foreign Countries?
Slashdot reader b-dayyy quotes the Linux Security blog: What if you could block connections to your network in real-time from countries around the world such as Russia, China and Brazil where the majority of cyberattacks originate? What if you could redirect connections to a single network based on their origin? As you can imagine, being able to control these things would…
Misleading Viral Claims Show Dangers of Preprint Servers, Researchers Warn
Scientific researchers worry that the capacity for spreading misinformation “goes far beyond the big-name social media sites,” warns the Washington Post. Citing pre-print servers and unvetted “research repositories,” they note that “Any online platform without robust and potentially expensive safeguards is equally vulnerable.” “This is similar to the debate we’re having with Facebook and Twitter. To what degree are we creating…
Apple Will Proxy Safe Browsing Traffic on iOS 14.5 To Hide User IPs from Google
Apple’s upcoming iOS 14.5 release will ship with a feature that will re-route all Safari’s Safe Browsing traffic through Apple-controlled proxy servers as a workaround to preserve user privacy and prevent Google from learning the IP addresses of iOS users. From a report: The new feature will work only when users activate the “Fraudulent Website Warning” option in the iOS Safari…
Plex Media Servers Are Being Abused For DDoS Attacks
DDoS-for-hire services have found a way to abuse Plex Media servers to bounce junk traffic and amplify distributed denial of service (DDoS) attacks, security firm Netscout said in an alert this week. From a report: The company’s alert warns owners of devices that ship with Plex Media Server, a web application for Windows, Mac, and Linux that’s usually used for video…
Google Chrome Sync Feature Can Be Abused For C&C and Data Exfiltration
Threat actors have discovered they can abuse the Google Chrome sync feature to send commands to infected browsers and steal data from infected systems, bypassing traditional firewalls and other network defenses. From a report: For non-Chrome users, Chrome sync is a feature of the Chrome web browser that stores copies of a user’s Chrome bookmarks, browsing history, passwords, and browser and…