web hosting | Breaking Cybersecurity News | The Hacker News

The supply chain attack targeting the widely-used Polyfill[.]io JavaScript library is broader in scope than previously thought, with new findings from Censys showing that over 380,000 hosts are embedding a polyfill script linking to the malicious domain as of July 2, 2024. This includes references to "https://cdn.polyfill[.]io" or "https://cdn.polyfill[.]com" in their HTTP responses, the attack surface management firm said. "Approximately 237,700, are located within the Hetzner network (AS24940), primarily in Germany," it noted. "This is not surprising – Hetzner is a popular web hosting service, and many website developers leverage it." Further analysis of the affected hosts has revealed domains tied to prominent companies like WarnerBros, Hulu, Mercedes-Benz, and Pearson that reference the malicious endpoint in question. Details of the attack emerged in late June 2024 when Sansec alerted that code hosted on the Polyfill domain had been m...

Web hosting giant GoDaddy on Monday disclosed a data breach that resulted in the unauthorized access of data belonging to a total of 1.2 million active and inactive customers, making it the  third   security incident  to come to light since 2018. In a filing with the U.S. Securities and Exchange Commission (SEC), the world's largest domain registrar  said  that a malicious third-party managed to gain access to its  Managed WordPress  hosting environment on September 6 with the help of a compromised password, using it to obtain sensitive information pertaining to its customers. It's not immediately clear if the compromised password was secured with two-factor authentication. The Arizona-based company  claims  over 20 million customers, with more than 82 million domain names registered using its services. GoDaddy revealed it discovered the break-in on November 17. An investigation into the incident is ongoing and the company said it's "co...

Vulnerability Management (VM) has long been a cornerstone of organizational cybersecurity. Nearly as old as the discipline of cybersecurity itself, it aims to help organizations identify and address potential security issues before they become serious problems. Yet, in recent years, the limitations of this approach have become increasingly evident.  At its core, Vulnerability Management processes remain essential for identifying and addressing weaknesses. But as time marches on and attack avenues evolve, this approach is beginning to show its age. In a recent report, How to Grow Vulnerability Management into Exposure Management (Gartner, How to Grow Vulnerability Management Into Exposure Management, 8 November 2024, Mitchell Schneider Et Al.), we believe Gartner® addresses this point precisely and demonstrates how organizations can – and must – shift from a vulnerability-centric strategy to a broader Exposure Management (EM) framework. We feel it's more than a worthwhile read an...

Four Eastern European nationals face 20 years in prison for Racketeer Influenced Corrupt Organization (RICO) charges after pleading guilty to providing bulletproof hosting services between 2008 and 2015, which were used by cybercriminals to distribute malware to financial entities across the U.S. The individuals, Aleksandr Grichishkin, 34, and Andrei Skvortsov, 34, of Russia; Aleksandr Skorodumov, 33, of Lithuania; and Pavel Stassi, 30, of Estonia, have been accused of renting their wares to cybercriminal clients, who used the infrastructure to disseminate malware such as Zeus, SpyEye, Citadel, and the Blackhole Exploit Kit that were capable of co-opting victim machines into a botnet, and stealing sensitive information. The deployment of malware caused or attempted to cause millions of dollars in losses to U.S. victims, the U.S. Department of Justice (DoJ) said in a statement on Friday. "A key service provided by the defendants was helping their clients to evade detection by...

DigitalOcean, one of the biggest modern web hosting platforms, recently hit with a concerning data leak incident that exposed some of its customers' data to unknown and unauthorized third parties. Though the hosting company has not yet publicly released a statement, it did has started warning affected customers of the scope of the breach via an email. According to the breach notification email that affected customers [ 1 , 2 ] received, the data leak happened due to negligence where DigitalOcean 'unintentionally' left an internal document accessible to the Internet without requiring any password. "This document contained your email address and/or account name (the name you gave your account at sign-up) as well as some data about your account that may have included Droplet count, bandwidth usage, some support or sales communications notes, and the amount you paid during 2018," the company said in the warning email as shown below. Upon discovery, a qui...

Popular web hosting provider Hostinger has been hit by a massive data breach, as a result of which the company has reset passwords for all customers as a precautionary measure. In a blog post published on Sunday, Hostinger revealed that "an unauthorized third party" breached one of its servers and gained access to "hashed passwords and other non-financial data" associated with its millions of customers. The incident occurred on August 23 when unknown hackers found an authorization token on one of the company's servers and used it to gain access to an internal system API, without requiring any username and password. Immediately after the breach discovery, Hostinger restricted the vulnerable system, making this access no longer available, and contacted the respective authorities. "On August 23rd, 2019 we have received informational alerts that one of our servers has been accessed by an unauthorized third party," Hostinger said. "This...

Mark J Cox, one of the founding members of the Apache Software Foundation and the OpenSSL project, today posted a tweet warning users about a recently discovered important flaw in Apache HTTP Server software. The Apache web server is one of the most popular, widely used open-source web servers in the world that powers almost 40 percent of the whole Internet. The vulnerability, identified as CVE-2019-0211 , was discovered by Charles Fol , a security engineer at Ambionics Security firm, and patched by the Apache developers in the latest version 2.4.39 of its software released today. The flaw affects Apache HTTP Server versions 2.4.17 through 2.4.38 and could allow any less-privileged user to execute arbitrary code with root privileges on the targeted server. "In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interprete...

One of the most important software companies NGINX , which is also behind the very popular open-source web server of the same name, is being acquired by its rival, F5 Networks , in a deal valued at about $670 million. While NGINX is not a name that you have ever heard of, the reality is that you use NGINX every day when you post a photo, watch streaming video, purchase goods online, or log into your applications at work. NGINX powers over half of the busiest websites in the world. Majority of sites on the Internet today, including The Hacker News, and hundreds of thousands apps, like Instagram, Pinterest, Netflix, and Airbnb are hosted on web servers running NGINX. NGINX web server is the third most widely used servers in the world—behind only Microsoft and Apache, and ahead of Google. In short, the internet as we know it today would not exist without NGINX. F5 Acquires NGINX to Bridge NetOps and DevOps F5 Networks is the industry leader in cloud and security application...

Besides Timehop , another data breach was discovered last week that affects users of one of the largest web hosting companies in Germany, DomainFactory, owned by GoDaddy. The breach initially happened back in last January this year and just emerged last Tuesday when an unknown attacker himself posted a breach note on the DomainFactory support forum. It turns out that the attacker breached company servers to obtain the data of one of its customers who apparently owes him a seven-figure amount, according to Heise . Later the attacker tried to report DomainFactory about the potential vulnerability using which he broke into its servers, but the hosting provider did not respond, and neither disclosed the breach to its customers. In that situation, the attacker head on to the company's support forum and broke the news with sample data of a few customers as proof, which forced DomainFactory to immediately shut down the forum website and initiate an investigation. Attacker G...

South Korean web hosting provider has agreed to pay $1 million in bitcoins to hackers after a Linux ransomware infected its 153 servers, encrypting 3,400 business websites and their data, hosted on them. According to a blog post published by NAYANA, the web hosting company, this unfortunate event happened on 10th June when ransomware malware hit its hosting servers and attacker demanded 550 bitcoins (over $1.6 million) to unlock the encrypted files. However, the company later negotiated with the cyber criminals and agreed to pay 397.6 bitcoins (around $1.01 million) in three installments to get their files decrypted. The hosting company has already paid two installments at the time of writing and would pay the last installment of ransom after recovering data from two-third of its infected servers. According to the security firm Trend Micro , the ransomware used in the attack was Erebus that was first spotted in September last year and was seen in February this year with Win...

Dark Web is right now going through a very rough time. Just two days ago, a hacker group affiliated with Anonymous broke into the servers of Freedom Hosting II and took down more than 10,000 Tor-based .onion dark websites with an alarming announcement to its visitors, which said: " Hello, Freedom Hosting II, you have been hacked. " Freedom Hosting II is the single largest host of underground websites accessible only through Tor anonymising browser that hosts somewhere between 15 and 20 percent of all sites on the Dark Web, anonymity and privacy researcher Sarah Jamie Lewis estimated . Besides defacing all Dark Web sites hosted on Freedom Hosting II with the same message and stealing its database, the hackers also demanded a ransom for 0.1 Bitcoin (just over $100) to return the compromised data to the hosting service. Now, it has been reported that the stolen database from Freedom Hosting II has publicly been released online to a site hosted on the Tor network, wh...

The Dutch hacker, who in 2013 was accused of launching the biggest cyberattack to date against the anti-spam group Spamhaus, escaped prison Monday even after he was sentenced to nearly 8 months in jail because most of his term was suspended. Sven Olaf Kamphuis , 39, was arrested in April 2013 by Spanish authorities in Barcelona based on a European arrest warrant for launching massive distributed denial of service (DDoS) attack against Spamhaus that peaked at over 300 Gbps. Spamhaus is a non-profit group based in Geneva and London that tracks spam and cyber-related threats, creates blacklists of those sites and then sells them to Internet Service Providers. However, the DDoS attacks on the company were so sustained that put "the proper functioning of the Internet at risk and thus the interests of many individuals, businesses and institutions," said the court. Kamphuis was initially sentenced to a total of 240 days, but he has already served 55 days in on remand aft...

Do you know — Your Smart Devices may have inadvertently participated in a record-breaking largest cyber attack that Internet has just witnessed. If you own a smart device like Internet-connected televisions, cars, refrigerators or thermostats, you might already be part of a botnet of millions of infected devices that was used to launch the biggest DDoS attack known to date, with peaks of over 1 Tbps of traffic. France-based hosting provider OVH was the victim to the record-breaking Distributed Denial of Service (DDoS) attacks that reached over one terabit per second (1 Tbps) over the past week. As the Internet of Things (IoT) or connected devices are growing at a great pace, they continue to widen the attack surface at the same time, giving attackers a large number of entry points to affect you some or the other way. 1 Tbps DDoS Attack Hits OVH IoTs are currently being deployed in a large variety of devices throughout your home, businesses, hospitals, and even entire cities (...

Sanmay Ved – the man who actually managed to buy Google.com got a huge reward from Google, but he donated all money to charity. Last week, an ex-Google employee and now-Amazon employee managed to buy the world's most-visited domain Google.com via Google's own Domains service for only $12 . However, Ved owned Google.com for one whole minute before the Mountain View company realized it was a mistake and cancelled the transaction. After acknowledging the mistake, Google rewarded Ved with some unknown amount of cash, but when Ved generously suggested donating his prize money to charity instead, Google just doubled the reward. Google Rewarded Ved with More than $10,000 Ved believed that his real reward was just being the person who bought Google.com for a whole minute. "I do not care about the money," Ved told in an interview with Business Insider. "It was never about the money. I also want to set an example that [there are] people who [wi...

LA-based domain name registrar and hosting company Namecheap warned its customers on Monday that cybercriminals have begun accessing their accounts by using the list of credentials gathered from third-party websites. The Hosting company confirmed the security breach and informed that the hackers have compromised some of its customers' accounts, probably using the " biggest-ever " password theft via Russian Hackers that disclosed list of 1.2 billion usernames and passwords compiled by Russian CyberVor Gang . RUSSIAN GROUP BEHIND THE ATTACK - CYBERVOR The CyberVor Gang allegedly stolen a vast cache of compromised login credentials for " 1.2 billion " accounts, belonging to over half a billion e-mail addresses, warned Hold Security , a Milwaukee-based security company that tracks stolen data on underground cybercriminal forums. The gang appears to have broken into at least 420,000 websites vulnerable to SQL injection attacks, among other techniques, ...

In what has become a yearly tradition, it's now time for us to present 10 of the most noteworthy incidents on the Internet from this past year. As you'll see, 2010 has been very interesting. Just like previous years, we have included problems ranging from website outages and service issues to large-scale network interruptions. If you're an avid Web user, you are bound to recognize several of them. Let's get started! The major incidents on the Internet in 2010 were… Wikipedia's Failover Fail Wikipedia has become so ubiquitous that it can't go down for a minute without people noticing. According to Google Trends for Websites , the site has roughly 50 million visitors per day. In March, servers in Wikimedia's European data center overheated and shut down. The service was supposed to fail over to a US data center. Unfortunately, the failover mechanism didn't work properly and broke the DNS lookups for all of Wikipedia . This effectively rendered the site unreachable worldwide. It took...