web servers | Breaking Cybersecurity News | The Hacker News

Cybercriminals have figured out a way to abuse widely-used Memcached servers to launch over 51,000 times powerful DDoS attacks than their original strength, which could result in knocking down of major websites and Internet infrastructure. In recent days, security researchers at Cloudflare , Arbor Networks , and Chinese security firm Qihoo 360 noticed that hackers are now abusing "Memcached" to amplify their DDoS attacks by an unprecedented factor of 51,200. Memcached is a popular open-source and easily deployable distributed caching system that allows objects to be stored in memory and has been designed to work with a large number of open connections. Memcached server runs over TCP or UDP port 11211. The Memcached application has been designed to speed up dynamic web applications by reducing stress on the database that helps administrators to increase performance and scale web applications. It's widely used by thousands of websites, including Facebook, Flickr,

Thousands of computers and web servers running Linux and FreeBSD operating systems have been infected over past five years with sophisticated malware that turn the machines into spambots. The new Linux malware, discovered by the security researchers from the antivirus provider Eset, has been dubbed " Mumblehard " because it is Muttering spam from your servers , says Eset 23-page long report (PDF) titled "Unboxing Linux/Mumblehard." Researchers have logged more than 8,500 unique IP addresses during the seven months period of research that were hit by Mumblehard Linux malware and found over 3,000 machines joined them in the past three weeks. Mumblehard features two basic components: Backdoor  Spamming daemon  Both written in the Perl programming language and "feature the same custom packer written in assembly language." The backdoor allows hackers to infiltrate into the system and control the command and control servers, and t

As a vCISO, you are responsible for your client's cybersecurity strategy and risk governance. This incorporates multiple disciplines, from research to execution to reporting. Recently, we published a comprehensive playbook for vCISOs, "Your First 100 Days as a vCISO – 5 Steps to Success" , which covers all the phases entailed in launching a successful vCISO engagement, along with recommended actions to take, and step-by-step examples.  Following the success of the playbook and the requests that have come in from the MSP/MSSP community, we decided to drill down into specific parts of vCISO reporting and provide more color and examples. In this article, we focus on how to create compelling narratives within a report, which has a significant impact on the overall MSP/MSSP value proposition.  This article brings the highlights of a recent guided workshop we held, covering what makes a successful report and how it can be used to enhance engagement with your cyber security clients.