[HackerNews] New EwDoor Botnet Targeting Unpatched AT&T Network Edge Devices

A newly discovered botnet capable of staging distributed denial-of-service (DDoS) attacks targeted unpatched Ribbon Communications (formerly Edgewater Networks) EdgeMarc appliances belonging to telecom service provider AT&T by exploiting a four-year-old flaw in the network appliances.
Chinese tech giant Qihoo 360’s Netlab network security division, which detected the botnet first on October 27,

Source: Read More (The Hacker News)

You might be interested in …

[TheRecord] Google pauses quantum security feature in Chrome because of buggy middleware

Google said on Tuesday that it temporarily disabled its quantum computer-resistant security feature in Chrome after it received bug reports that faulty networking middleware devices have been causing unexpected website connection failures for the few users where this feature was enabled. Known as Combined Elliptic-Curve and Post-Quantum 2, or CECPQ2, the idea behind this feature was to […]

Read More

[HackerNews] Why Database Patching Best Practice Just Doesn’t Work and How to Fix It

All posts, HackerNews

Patching really, really matters – patching is what keeps technology solutions from becoming like big blocks of Swiss cheese, with endless security vulnerabilities punching hole after hole into critical solutions. But anyone who’s spent any amount of time maintaining systems will know that patching is often easier said than done. Yes, in some instances, you […]

Read More

[HackerNews] Microsoft Edge Bug Could’ve Let Hackers Steal Your Secrets for Any Site

All posts, HackerNews

Microsoft last week rolled out updates for the Edge browser with fixes for two security issues, one of which concerns a security bypass vulnerability that could be exploited to inject and execute arbitrary code in the context of any website. Tracked as CVE-2021-34506 (CVSS score: 5.4), the weakness stems from a universal cross-site scripting (UXSS) issue that’s triggered […]

Read More