ICT Security-Sécurité PC et Internet
87.1K views | +0 today
ICT Security-Sécurité PC et Internet
Education Technology
ICT Security + Privacy + Piracy + Data Protection - Censorship - Des cours et infos gratuites sur la"Sécurité PC et Internet" pour usage non-commercial... (FR, EN+DE)...
Curated by Gust MEES
Your new post is loading...
Your new post is loading...
Rescooped by Gust MEES from 21st Century Learning and Teaching
Scoop.it!

'Sophisticated' backdoor malware opens up security blackhole in Apache web servers

'Sophisticated' backdoor malware opens up security blackhole in Apache web servers | ICT Security-Sécurité PC et Internet | Scoop.it
From www.zdnet.com - May 1, 2013 9:31 AM
Malware that hides itself from admins has been found in the wild, allowing attackers to compromise web servers and redirect users to sites hosting exploit kits.

 

Researchers at security firm ESET have dubbed the malware Linux/Cdorked.A and are calling it "the most sophisticated Apache backdoor" due to its ability to evade detection. 

 

===> Apache web servers run about 50 percent of the world’s websites, according to UK-based internet security firm, Netcraft. <===

 

The researchers claim the malware has been installed on hundreds of compromised web servers, which have served up malicious redirects to thousands of visitors.

Gust MEES's insight:

 

===> Apache web servers run about 50 percent of the world’s websites, according to UK-based internet security firm, Netcraft. <===

 

Learn more:

 

http://www.scoop.it/t/securite-pc-et-internet/?tag=Apache-vulnerabilities

 

 

more...
Gust MEES's curator insight, May 1, 2013 9:27 AM

 

===> Apache web servers run about 50 percent of the world’s websites, according to UK-based internet security firm, Netcraft. <===

 

Learn more:

 

http://www.scoop.it/t/securite-pc-et-internet/?tag=Apache-vulnerabilities

 

 
Sign up to comment
Scooped by Gust MEES
Scoop.it!

Apache attack drives traffic to malware

Apache attack drives traffic to malware | ICT Security-Sécurité PC et Internet | Scoop.it
From www.theregister.co.uk - April 30, 2013 5:20 AM

 

A security researcher is warning that an attack on the Apache Web server is increasingly showing up in the wild, and has published a free Python tool to check their configurations.

 

The attack is designed to avoid leaving disk footprints, according to this post analysing the backdoor. It exists as a modified httpd file that redirects HTTP requests to the well-known Blackhole exploit pack.

 

Gust MEES's insight:

 

Learn more:

 

http://www.scoop.it/t/securite-pc-et-internet/?tag=Apache-vulnerabilities

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

Out-of-date Software Affects Websites Big and Small

Out-of-date Software Affects Websites Big and Small | ICT Security-Sécurité PC et Internet | Scoop.it
From blog.sucuri.net - November 6, 2012 9:24 AM
Last week we published an article listing some big and popular websites that were leaking information about their users via the Apache server-status page.

 

                                  ===> UPDATE!!! <===

 

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

Apache guns down killer server bug

Apache guns down killer server bug | ICT Security-Sécurité PC et Internet | Scoop.it
From www.scmagazine.com.au - October 7, 2011 2:22 AM
Absent forward slash leaves a gaping hole.

 

The Apache Software Foundation has squashed a reverse proxy flaw affecting its servers in which little more than a missing forward slash had exposed untold numbers of network devices and information to hackers.

 

Reverse proxies route external HTTP and HTTPS web requests to an internal web server. It is used in load balancing and to make multiple web servers at different paths appear as a single web interface.

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

Apache 2.2.20 released to fix DoS vulnerability | Naked Security

Apache 2.2.20 released to fix DoS vulnerability | Naked Security | ICT Security-Sécurité PC et Internet | Scoop.it
From nakedsecurity.sophos.com - August 31, 2011 5:39 AM
The Apache Foundation has released version 2.2.20 to address a denial of service vulnerability. Web admins using Apache should update as soon as possible.
more...
No comment yet.
Sign up to comment
Rescooped by Gust MEES from 21st Century Learning and Teaching
Scoop.it!

Backdoor entdeckt: Angreifer kaperten schon hunderte Apache-Server

Backdoor entdeckt: Angreifer kaperten schon hunderte Apache-Server | ICT Security-Sécurité PC et Internet | Scoop.it
From www.itespresso.de - April 30, 2013 6:19 AM
Bösartige Angreifer kapern Apache-Webserver und leiten deren Besucher auf Schad-Websites um. Die Tarnung der Malware ist fast perfekt.

 

Eine Hintertür, die von Administratoren nur schwer bemerkt werden kann, sorgt dafür, dass Internet-Anfragen an Apache-Server nicht in Logs aufgenommen werden. Die gesendeten http-Anfragen, die in Wirklichkeit einen Trojaner steuern, sind nicht ersichtlich. Der Rest des Angriffs läuft im Speicher ab, Bugfixes gibt es noch nicht.

 

29. April 2013 von Manfred Kohlen 0


Die Malware Linux/Cdorked.A ist eine raffinierte Hintertür, die alles tut, um den Internetverkehr auf schädliche Webseiten umzuleiten, schreibt Sicherheitsanbieter Eset in einer aktuellen Warnung.   Der Schädling sei so gut, dass er laut eigener Analysen schon hunderte von Webservern unter seine Kontrolle gebracht habe.

 

Gust MEES's insight:

 

Learn more:

 

http://www.scoop.it/t/securite-pc-et-internet/?tag=Apache-vulnerabilities

 

more...
Scooped by Gust MEES
Scoop.it!

Malware is targeting Java HTTP servers

Malware is targeting Java HTTP servers | ICT Security-Sécurité PC et Internet | Scoop.it
From www.computerworlduk.com - January 3, 2013 3:38 AM
Security researchers from antivirus vendor Trend Micro have uncovered a piece of backdoor-type malware that infects Java-based HTTP servers and allows attackers to execute malicious commands on the underlying systems.
Gust MEES's insight:

                       ===> Be AWARE of the MALWARE! <===

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

http://arstechnica.com/security/2012/11/misconfigured-apache-sites-expose-user-passwords-other-private-data/

http://arstechnica.com/security/2012/11/misconfigured-apache-sites-expose-user-passwords-other-private-data/ | ICT Security-Sécurité PC et Internet | Scoop.it
From mcaf.ee - November 2, 2012 10:02 AM

Misconfigured Apache sites expose user passwords, other private data System status pages are publicly viewable on thousands of sites.

 

Read more, a MUST:

http://mcaf.ee/qilcd

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

Context warns of new reverse web proxy bypass vulnerability | Press Releases @ Your-Story.org

From your-story.org - October 6, 2011 6:19 PM
October 6th 2011 - The Apache Software Foundation yesterday issued an advisory to all of its customers following the identification by researchers at...
more...
No comment yet.
Sign up to comment
About Follow us Resources Terms Mobile Features
Facebook
X
LinkedIn