#1 Trusted Cybersecurity News Platform Followed by 3.45+ million
The Hacker News Logo
Subscribe to Newsletter

NGINX | Breaking Cybersecurity News | The Hacker News

NGINX Shares Mitigations for Zero-Day Bug Affecting LDAP Implementation

NGINX Shares Mitigations for Zero-Day Bug Affecting LDAP Implementation
Apr 12, 2022
The maintainers of the NGINX web server project have issued mitigations to address security weaknesses in its Lightweight Directory Access Protocol ( LDAP ) Reference Implementation. "NGINX Open Source and NGINX Plus are not themselves affected, and no corrective action is necessary if you do not use the reference implementation," Liam Crilly and Timo Stark of F5 Networks  said  in an advisory published Monday. NGINX said that the  reference implementation , which  uses LDAP to authenticate users , is impacted only under three conditions if the deployments involve - Command-line parameters to configure the Python-based reference implementation daemon Unused, optional configuration parameters, and Specific group membership to carry out LDAP authentication Should any of the aforementioned conditions be met, an attacker could potentially override the configuration parameters by sending specially crafted HTTP request headers and even bypass group membership requirement

FritzFrog P2P Botnet Attacking Healthcare, Education and Government Sectors

FritzFrog P2P Botnet Attacking Healthcare, Education and Government Sectors
Feb 10, 2022
A peer-to-peer Golang botnet has resurfaced after more than a year to compromise servers belonging to entities in the healthcare, education, and government sectors within a span of a month, infecting a total of 1,500 hosts. Dubbed FritzFrog , "the decentralized botnet targets any device that exposes an SSH server — cloud instances, data center servers, routers, etc. — and is capable of running any malicious payload on infected nodes," Akamai researchers said in a report shared with The Hacker News. The new wave of attacks commenced in early December 2021, only to pick up pace and register a 10x growth in its infection rate in a month's time, while peaking at 500 incidents per day in January 2022. The cybersecurity firm said it detected infected machines in a European television channel network, a Russian manufacturer of healthcare equipment, and multiple universities in East Asia. FritzFrog was  first documented  by Guardicore in August 2020, elaborating the botnet&

Russian Police Raided NGINX Moscow Office, Detained Co-Founders

Russian Police Raided NGINX Moscow Office, Detained Co-Founders
Dec 12, 2019
Russian law enforcement officers have raided the Moscow offices of Nginx—the company behind the world's second most popular web server software—over a copyright infringement complaint filed by Rambler, a Russian Internet portal and email service provider. According to multiple reports from local media and social media, the police conducted searches and has also detained several employees of the company, including Igor Sysoev , the original developer of Nginx and Maxim Konovalov , another co-founder of the company. Over 30% of the websites on the Internet today, including many of the world's most popular sites like Netflix and Twitch, run on the Nginx server. Igor Sysoev created the Nginx web server in the early 2000s and open-sourced it in 2004, after which he founded the company Nginx in 2015 that has now been acquired by F5 Networks , an American technology company, for $ 670 million. According to a copy of the complaint shared on Twitter, Rambler accused that Sys

New PHP Flaw Could Let Attackers Hack Sites Running On Nginx Servers

New PHP Flaw Could Let Attackers Hack Sites Running On Nginx Servers
Oct 26, 2019
If you're running any PHP based website on NGINX server and have PHP-FPM feature enabled for better performance, then beware of a newly disclosed vulnerability that could allow unauthorized attackers to hack your website server remotely. The vulnerability, tracked as CVE-2019-11043 , affects websites with certain configurations of PHP-FPM that is reportedly not uncommon in the wild and could be exploited easily as a proof-of-concept (PoC) exploit for the flaw has already been released publicly. PHP-FPM is an alternative PHP FastCGI implementation that offers advanced and highly-efficient processing for scripts written in PHP programming language. The main vulnerability is an "env_path_info" underflow memory corruption issue in the PHP-FPM module, and chaining it together with other issues could allow attackers to remotely execute arbitrary code on vulnerable web servers. The vulnerability was spotted by Andrew Danau, a security researcher at Wallarm while hun

F5 Networks Acquires NGINX For $670 Million

F5 Networks Acquires NGINX For $670 Million
Mar 12, 2019
One of the most important software companies NGINX , which is also behind the very popular open-source web server of the same name, is being acquired by its rival, F5 Networks , in a deal valued at about $670 million. While NGINX is not a name that you have ever heard of, the reality is that you use NGINX every day when you post a photo, watch streaming video, purchase goods online, or log into your applications at work. NGINX powers over half of the busiest websites in the world. Majority of sites on the Internet today, including The Hacker News, and hundreds of thousands apps, like Instagram, Pinterest, Netflix, and Airbnb are hosted on web servers running NGINX. NGINX web server is the third most widely used servers in the world—behind only Microsoft and Apache, and ahead of Google. In short, the internet as we know it today would not exist without NGINX. F5 Acquires NGINX to Bridge NetOps and DevOps F5 Networks is the industry leader in cloud and security application
More Resources

Sign up for free and start receiving your daily dose of cybersecurity news, insights and tips.