Recent Plex Vulnerability Allows Full System Takeover
Recently it was found that Plex had a vulnerability that allowed hackers to do a full system takeover.
The three vulnerabilities that were found are CVE-2020-5740, CVE-2020-5741, and CVE-2020-5742 which was detected by Tenable security researcher Chris Lyne and reported to Plex on May 31st.
If hackers are able to exploit this vulnerability they could execute code to gain access to all files, create backdoors and even move to other devices on the network.
Update to the latest version
Make sure that you are not vulnerable, log into your plex server and update right away.
… Read the rest“We have rolled out a change in our update distribution servers. This change will protect Plex Media Server version 1.18.2 or newer,” the Plex Security Team said. “Plex Media Server installations older than 1.18.2 will still be exploitable and we highly encourage users on older
Amazon Phishing Emails Are Running Rampant
Amazon phishing emails are running rampant. These hackers are using these types of phishing emails to try and gain access to your account and information and use it to purchase items with.
Some common tip-offs that an email is phony are typos, grammatical mistakes, awkward language, missing words, extra spaces, and other signs that the email was written unprofessionally. Such emails might also ask you to look at an attachment or click a link and then give your personal information on a Web page or in a form. Or the sender’s email address might look suspicious. If you hover over the links you can even see that it would not direct you to legit URL. Here Are A Few Email TIPS
New Amazon Phishing Email
- Don’t ever open random attachments.
Always Review Incoming Email Address
- In this case the email address is completely random and not coming from a verifiy
Russian Sandworm Exploiting Exim Mail Servers
It has been found by the NSA that the Russian Spy Group called BlackEnergy is actively exploiting Exim mail servers with Sandworm.
The Exim mail server flaw can be exploited using a email containing a modified “MAIL FROM” field in a Simple Mail Transfer Protocol (SMTP) message. The Russians have been exploiting unpatched Exim servers since at least August, according the NSA’s advisory.
Once Sandworm compromises a target Exim server, it subsequently downloads and executes a shell script from a Sandworm-controlled domain to establish a persistent backdoor that can be used for reconnaissance, spying on mail messages, lateral movement and additional malware implantation.
“This script would attempt to do the following on the victim machine: Add privileged users; disable network security settings; update SSH configurations to enable additional remote access; and execute an additional script to enable follow-on exploitation,” according to the NSA.
Exim admins should update their MTAs … Read the rest
Microsoft Patched 100 Vulnerabilities
Microsoft has pushed a hefty list of Patches on Tuesday to fix over 100 Vulnerabilities and 16 CVEs making the critical list.
This is actually the thrid mont that Microsoft has pushed over 100 vulnerabilities patches. May’s list does not contain any vulnerabilities currently being exploited in the wild, which is a good thing.
Make sure that you are always patching your systems.
- PowerShell Script to Force Uninstall Umbrella Roaming Client
- How to Install Moodle on a Ubuntu 24.04 VPS with a Scripted Guide
- Automating System Updates with Unattended-Upgrades on Ubuntu
- How to Add a Large Disk Partition as Storage in Proxmox VE
- How to Remove Radmin Viewer with PowerShell
Sophos XG Firewall Vulnerability
Hackers have been targeting Sophos XG Firewall due to the Zero-Day exploit that allows hackers to inject the Asnarok Malware.
Sophos said in their blog. “The attack affected systems configured with either the administration interface (HTTPS admin service) or the user portal exposed on the WAN zone. In addition, firewalls manually configured to expose a firewall service (e.g. SSL VPN, SPX Portal) to the WAN zone that shares the same port as the admin or User Portal were also affected.”
What was compromised?
It was found that the data impacted on the firewall was all local usernames and hashed passwords of any local user accounts. This would mean, local device admins, user portal accounts, and accounts used for remote access. However the passwords associated with external authentication like Active Directory (AD) or LDAP were not compromised.
Have I been compromised?
Well Sophos best practice is to make sure the firewall … Read the rest
Is OpenDNS Umbrella HIPAA Compliant?
So the question your asking Is OpenDNS Umbrella HIPAA Compliant? Surely OpenDNS Umbrella and its software client is questionable, right? Is this a breach of HIPAA Compliance?
Lets Review The Basics…
Lets go back to the basics, OpenDNS is a company and service that extends the Domain Name System by adding features such as Logging, phishing protection, malware protection and content filtering in addition to DNS lookup, if its DNS servers are used. So knowing this it already seems to be better than Comcast DNS of 75.75.75.75 or Googles DNS of 8.8.8.8. Open DNS Umbrella actually provides something of value.
Let’s look at exactly how a DNS request works.
- A DNS request starts when you try to access a computer on the internet. For example, you type PatrickDomingues.com in your browser address bar.
- The first stop for the DNS request is the local DNS cache. As you access different computers,
How To Ping With Date and Time To TXT File Using CMD
There are occasions where you will need to know How To Ping With Date and Time To TXT File Using CMD and a few Windows Ping commands can help. This will use a provide a date and a timestamp the result of each ping, with a bit of effort you can get it to do that. It’s quite useful if you specifically need to use the Windows Ping command.
ping -t patrickdomingues.com|cmd /q /v /c "(pause&pause)>nul & for /l %a in () do (set /p "data=" && echo(!date! !time! !data!)&ping -n 2 patrickdomingues.com>nul" >C:\ping\pingtest.txt
The above will continuously ping the address with a time and date to a output log file which in this case is called pingtest.txt , press Ctrl+C to end the session. If you do not need an output file remove the redirection to an output file string if you want to show the results in the … Read the rest
Zeus Sphinx Banking Trojan Ramps Up During COVID19
The Zeus and Sphinx Banking Trojan is showing off its ugly face more often now during COVID19, lurking and targeting desperate users looking for information about COVID19.
According to researchers Amir Gandler and Limor Kessem at IBM X-Force, the researchers observed a significant increase in volume in March 2020, of the Zeus and Sphinx’s malware. It was clear that the operators looked to take advantages around government relief payments to COVID19 affected people and companies.
In March 2020 these phishing and malspam campaigns emails tell targets that they need to fill out an attached form to receive coronavirus relief from the government. These new Zeus and Sphinx Banking Trojan variant is spreading via coronavirus-themed email sent to victims in the U.S., Canada and Australia, housed in malicious attachments named “COVID 19 relief,” according to an X-Force blog posting on Monday.
Stay vigilant and review these Email Security Tips you can … Read the rest
TOP Horrible Passwords To Use For 2020
How many Horrible Passwords are there? Let me tell you there are about 500 of them and we will show you the TOP Horrible Passwords To Use For 2020. Any password documented publicly or available in the darkweb can be used in a dictionary attack. This is a form of brute force attack technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by trying hundreds or sometimes millions of likely possibilities, such as words in a dictionary.
| NO | Top 1-100 | Top 101–200 | Top 201–300 | Top 301–400 | Top 401–500 |
| 1 | 123456 | porsche | firebird | prince | rosebud |
| 2 | password | guitar | butter | beach | jaguar |
| 3 | 12345678 | chelsea | united | amateur | great |
| 4 | 1234 | black | turtle | 7777777 | cool |
| 5 | pussy | diamond | steelers | muffin | cooper |
| 6 | 12345 | nascar | tiffany | redsox | 1313 |
| 7 | dragon | jackson | zxcvbn | star | scorpio |
| 8 | qwerty | cameron | tomcat | testing | mountain |
| 9 | 696969 | 654321 | golf | shannon | madison |
CoronaVirus Business Continuity Plan Checklist
No one can predict the future; however, you can be ready with a sound CoronaVirus Business Continuity Plan. This CoronaVirus business continuity checklist is the first step in the BCP process. The checklist is not an exhaustive list, it is a simple tool that can be used to ensure that the basic CoronaVirus Business Continuity Plan process has been initiated and the division management has considered what needs to be done to keep essential functions operating if an adverse event occurs. The CoronaVirus Business Continuity Plan Checklist is somewhat “information centric” as organisation’s reliance on information is increasing and its successful management provides a competitive advantage.
- PowerShell Script to Force Uninstall Umbrella Roaming Client
- How to Install Moodle on a Ubuntu 24.04 VPS with a Scripted Guide
- Automating System Updates with Unattended-Upgrades on Ubuntu
- How to Add a Large Disk Partition as Storage in Proxmox VE
- How to Remove Radmin
Loading ...