101010.pl is one of the many independent Mastodon servers you can use to participate in the fediverse.
101010.pl czyli najstarszy polski serwer Mastodon. Posiadamy wpisy do 2048 znaków.

Server stats:

482
active users

#serversecurity

0 posts0 participants0 posts today
🛡 H3lium@infosec.exchange/:~# :blinking_cursor:​<p>"🚨 Critical Security Alert: HikCentral Professional Vulnerabilities Exposed 🚨"</p><p>Hikvision's latest advisory reveals severe vulnerabilities in HikCentral Professional, identified by Michael Dubell and Abdulazeez Omar. CVE-2024-25063 and CVE-2024-25064, with CVSS scores of 7.5 and 4.3 respectively, highlight risks of unauthorized access due to insufficient server-side validation. Users are urged to upgrade to versions above V2.5.1 for enhanced security. Stay vigilant and prioritize updating to safeguard your systems! 🛡️💻🔐</p><p>CVE Summaries:</p><ul><li>CVE-2024-25063: Attackers could exploit server validation flaws to access restricted URLs, compromising confidentiality.</li><li>CVE-2024-25064: Authenticated users could manipulate parameters to access unauthorized resources, posing a lower risk.</li></ul><p>Source: <a href="https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikcentral-professional/" rel="nofollow noopener" target="_blank">Hikvision Security Advisory</a></p><p>Tags: <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/Hikvision" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Hikvision</span></a> <a href="https://infosec.exchange/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Vulnerability</span></a> <a href="https://infosec.exchange/tags/CVE2024" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE2024</span></a>-25063 <a href="https://infosec.exchange/tags/CVE2024" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE2024</span></a>-25064 <a href="https://infosec.exchange/tags/ServerSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ServerSecurity</span></a> <a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a> <a href="https://infosec.exchange/tags/PatchManagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PatchManagement</span></a> 🌍🔒💡</p>
agarbathi<p>Stretchoid.com is a plague for all server operators. Especially for mail server operators. Recently I have entries like this in my web server logs:</p><pre><code>"MGLNDD_[IP-Adress_of_your_server] "-" "-"</code></pre><p>Do yourself a favor and block stretchoid in your firewalls. A relatively current list that I use on my servers.</p><pre><code>45.55.0.0/24 104.131.128.0/24 104.131.144.0/24 104.236.128.0/24 107.170.192.0/24 107.170.208.0/24 107.170.224.0/24 107.170.225.0/24 107.170.226.0/24 107.170.227.0/24 107.170.228.0/24 107.170.229.0/24 107.170.230.0/24 107.170.231.0/24 107.170.232.0/24 107.170.233.0/24 107.170.234.0/24 107.170.235.0/24 107.170.236.0/24 107.170.237.0/24 107.170.238.0/24 107.170.239.0/24 107.170.240.0/24 107.170.241.0/24 107.170.242.0/24 107.170.243.0/24 107.170.244.0/24 107.170.245.0/24 107.170.246.0/24 107.170.247.0/24 107.170.248.0/24 107.170.249.0/24 107.170.250.0/24 107.170.251.0/24 107.170.252.0/24 107.170.253.0/24 107.170.254.0/24 107.170.255.0/24 137.184.255.0/24 138.68.208.0/24 159.203.192.0/24 159.203.208.0/24 159.203.224.0/24 159.203.240.0/24 162.243.128.0/24 162.243.129.0/24 162.243.130.0/24 162.243.131.0/24 162.243.132.0/24 162.243.133.0/24 162.243.134.0/24 162.243.135.0/24 162.243.136.0/24 162.243.137.0/24 162.243.138.0/24 162.243.139.0/24 162.243.140.0/24 162.243.141.0/24 162.243.142.0/24 162.243.143.0/24 162.243.144.0/24 162.243.145.0/24 162.243.146.0/24 162.243.147.0/24 162.243.148.0/24 162.243.149.0/24 162.243.150.0/24 162.243.151.0/24 162.243.152.0/24 192.241.192.0/24 192.241.193.0/24 192.241.194.0/24 192.241.195.0/24 192.241.196.0/24 192.241.197.0/24 192.241.198.0/24 192.241.199.0/24 192.241.200.0/24 192.241.201.0/24 192.241.202.0/24 192.241.203.0/24 192.241.204.0/24 192.241.205.0/24 192.241.206.0/24 192.241.207.0/24 192.241.208.0/24 192.241.209.0/24 192.241.210.0/24 192.241.211.0/24 192.241.212.0/24 192.241.213.0/24 192.241.214.0/24 192.241.215.0/24 192.241.216.0/24 192.241.217.0/24 192.241.218.0/24 192.241.219.0/24 192.241.220.0/24 192.241.221.0/24 192.241.222.0/24 192.241.223.0/24 192.241.224.0/24 192.241.225.0/24 192.241.226.0/24 192.241.227.0/24 192.241.228.0/24 192.241.229.0/24 192.241.230.0/24 192.241.231.0/24 192.241.232.0/24 192.241.233.0/24 192.241.234.0/24 192.241.235.0/24 192.241.236.0/24 192.241.237.0/24 192.241.238.0/24 192.241.239.0/24 198.199.92.0/24 198.199.93.0/24 198.199.94.0/24 198.199.95.0/24 198.199.96.0/24 198.199.97.0/24 198.199.98.0/24 198.199.100.0/24 198.199.101.0/24 198.199.102.0/24 198.199.103.0/24 198.199.104.0/24 198.199.105.0/24 198.199.106.0/24 198.199.107.0/24 198.199.108.0/24 198.199.109.0/24 198.199.110.0/24 198.199.111.0/24 198.199.112.0/24 198.199.113.0/24 198.199.114.0/24 198.199.115.0/24 198.199.116.0/24 198.199.117.0/24 198.199.118.0/24 198.199.119.0/24</code></pre><p><a href="https://squeet.me/search?tag=server" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>server</span></a> <a href="https://squeet.me/search?tag=stretchoid" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>stretchoid</span></a> <a href="https://squeet.me/search?tag=admin" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>admin</span></a> <a href="https://squeet.me/search?tag=linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>linux</span></a> <a href="https://squeet.me/search?tag=windows" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>windows</span></a> <a href="https://squeet.me/search?tag=unix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>unix</span></a> <a href="https://squeet.me/search?tag=sysadmin" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sysadmin</span></a> <a href="https://squeet.me/search?tag=firewall" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>firewall</span></a> <a href="https://squeet.me/search?tag=webserver" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>webserver</span></a> <a href="https://squeet.me/search?tag=mailserver" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>mailserver</span></a> <a href="https://squeet.me/search?tag=postfix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>postfix</span></a> <a href="https://squeet.me/search?tag=apache" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>apache</span></a> <a href="https://squeet.me/search?tag=nginx" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>nginx</span></a> <a href="https://squeet.me/search?tag=it" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>it</span></a> <a href="https://squeet.me/search?tag=blocklist" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>blocklist</span></a> <a href="https://squeet.me/search?tag=administrator" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>administrator</span></a> <a href="https://squeet.me/search?tag=web" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>web</span></a> <a href="https://squeet.me/search?tag=serversecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>serversecurity</span></a></p>
Stefano Marinelli<p>Maybe it's because I'm not feeling my best this morning, but I really can't stand this whole army of "security experts" who pay dubious online sites to perform scans on their servers and then come bothering with absurd and incredible requests. <br>The latest one, just a few minutes ago: "Our website also responds on port 80. It needs to be closed immediately; it's insecure!" <br>My response: "Port 80 has a redirect to 443 - it's there to ensure that users who connect on port 80, in HTTP, are kindly redirected to 443, in HTTPS." <br>Their reply: "Port 80 is insecure and dangerous; it must be closed immediately. It's a security risk." </p><p>Normally, I'm patient and accommodating, but not this morning: "I'm very sorry to hear that you find our technical choices to be insecure. Considering that your hosting contract (which we provide to you at rock-bottom prices and which I almost no longer find worthwhile to maintain) expired on 20 November, and you had a 14-day grace period to make the payment, and despite my reminders, you haven't done so. I want to inform you that I will be taking down the website tonight, and you have until Monday to migrate everything. On that date, I will delete all of your data from our servers. Have a good day. "</p><p>Of course, they ignore the fact that their website is still running on PHP 5, which I've been telling them for years to update because I have to keep an old and insecure FreeBSD jail active just for this mess. According to them, that is secure. 🤦‍♂️ </p><p><a href="https://mastodon.bsd.cafe/tags/IncredibleRequests" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IncredibleRequests</span></a> <a href="https://mastodon.bsd.cafe/tags/HostingIssues" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HostingIssues</span></a> <a href="https://mastodon.bsd.cafe/tags/ServerSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ServerSecurity</span></a> <a href="https://mastodon.bsd.cafe/tags/SysAdmin" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SysAdmin</span></a> <a href="https://mastodon.bsd.cafe/tags/IT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IT</span></a></p>
🛡 H3lium@infosec.exchange/:~# :blinking_cursor:​<p>"⚠️ Critical RCE Alert: 3,000 Apache ActiveMQ Servers at Risk! ⚠️"</p><p>Over 3,000 Apache ActiveMQ servers are exposed online, vulnerable to a critical RCE flaw (CVE-2023-46604, CVSS v3: 10.0). Immediate patching is urged to prevent potential data theft and network compromise. Stay vigilant! 🛡️💻</p><p>Apache ActiveMQ is an open-source message broker for secure communication between clients and servers, supporting Java and various cross-language clients and protocols like AMQP, MQTT, OpenWire, and STOMP.</p><p>The flaw in question is CVE-2023-46604, a critical severity (CVSS v3 score: 10.0) RCE that allows attackers to execute arbitrary shell commands by exploiting class types in the OpenWire protocol.</p><p>According to Apache's disclosure on October 27, 2023, this vulnerability affects the following Apache ActiveMQ and Legacy OpenWire Module versions:</p><ul><li>Versions before 5.18.3 in the 5.18.x series</li><li>Versions before 5.17.6 in the 5.17.x series</li><li>Versions before 5.16.7 in the 5.16.x series</li><li>All versions before 5.15.16</li></ul><p>To address this issue, fixes have been released in versions 5.15.16, 5.16.7, 5.17.6, and 5.18.3. It's recommended to upgrade to one of these versions to enhance your IT security.</p><p>Tags: <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/RCE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RCE</span></a> <a href="https://infosec.exchange/tags/ApacheActiveMQ" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ApacheActiveMQ</span></a> <a href="https://infosec.exchange/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Vulnerability</span></a> <a href="https://infosec.exchange/tags/PatchNow" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PatchNow</span></a> <a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a> <a href="https://infosec.exchange/tags/ServerSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ServerSecurity</span></a> <a href="https://infosec.exchange/tags/CVE202346604" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE202346604</span></a> 🚨🔐</p><p>Source: <a href="https://www.bleepingcomputer.com/news/security/3-000-apache-activemq-servers-vulnerable-to-rce-attacks-exposed-online/" rel="nofollow noopener" target="_blank">BleepingComputer</a></p><p>Author: Bill Toulas</p>
🛡 H3lium@infosec.exchange/:~# :blinking_cursor:​<p>"🚨 Openfire Vulnerability Under Active Exploit: A Gateway to Ransomware and Cryptominers 🚨"</p><p>The widely-used Openfire chat server is under siege as hackers exploit a high-severity flaw, CVE-2023-32315, to deploy ransomware and cryptominers. This Java-based open-source XMPP server, boasting 9 million downloads, has become a lucrative target due to an authentication bypass vulnerability in its admin console. Attackers are creating new admin accounts on vulnerable servers, installing malicious Java plugins, and executing commands via HTTP requests. 🛑</p><p>The flaw spans across various Openfire versions dating back to 2015. Although patches were released in May 2023, over 3,000 servers remained vulnerable by mid-August 2023. The first known exploitation dates back to June 2023, when a server was ransomed post-exploitation. Attack scenarios include deploying crypto-mining trojans, installing backdoors, and extracting server information. 🕵️</p><p>Dr. Web has identified four distinct attack scenarios leveraging this flaw, emphasizing the urgency of applying available security updates. BleepingComputer also reports multiple instances of Openfire servers being encrypted with ransomware, appending a .locked1 extension to files. The ransom demands range from 0.09 to 0.12 bitcoins ($2,300 to $3,500). 🖥️🔓</p><p>The threat landscape is evolving, with threat actors not solely targeting Openfire servers but any vulnerable web server. It's a stark reminder for organizations to stay vigilant and ensure their systems are up-to-date with the latest security patches. 🛡️</p><p>Source: <a href="https://www.bleepingcomputer.com/news/security/hackers-actively-exploiting-openfire-flaw-to-encrypt-servers/" rel="nofollow noopener" target="_blank">BleepingComputer</a> by Bill Toulas</p><p>Tags: <a href="https://infosec.exchange/tags/Openfire" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Openfire</span></a> <a href="https://infosec.exchange/tags/Ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ransomware</span></a> <a href="https://infosec.exchange/tags/Cryptominers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cryptominers</span></a> <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Vulnerability</span></a> <a href="https://infosec.exchange/tags/CVE202332315" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE202332315</span></a> <a href="https://infosec.exchange/tags/ThreatIntel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ThreatIntel</span></a> <a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a> <a href="https://infosec.exchange/tags/PatchManagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PatchManagement</span></a> <a href="https://infosec.exchange/tags/ServerSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ServerSecurity</span></a> <a href="https://infosec.exchange/tags/DrWeb" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DrWeb</span></a> <a href="https://infosec.exchange/tags/BleepingComputer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BleepingComputer</span></a> 🌐🔐</p><p><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32315" rel="nofollow noopener" target="_blank">MITRE CVE-2023-32315</a></p>