🚀 Medial Secures Investment on Shark Tank India - Fueling the Future of Professional Social Networking. 🔥

Startup Showcase

Premium Content

Try our Valuation Calculator →

News on Medial

Spies hack high-value mail servers using an exploit from yesteryear

Arstechnica

Arstechnica · 55y ago

Spies hack high-value mail servers using an exploit from yesteryear

In a recent operation named RoundPress, security firm ESET discovered that the Russian-backed hacking group Sednit exploited old XSS vulnerabilities in mail server software to target high-value email accounts. The affected software included packages from Roundcube, MDaemon, Horde, and Zimbra, primarily targeting defense contractors in Bulgaria and Romania. The attackers used spearphishing emails to embed XSS exploits, compromising contacts and emails. Some of the vulnerabilities had been previously patched but were ignored by targeted organizations.

Related News

India may block Proton Mail | TechCrunch

TechCrunch · 1y ago

India may block Proton Mail | TechCrunch

Proton, the Swiss privacy-focused email service, has received a notice of a potential block in India after its platform was used to send bomb threats to schools in Tamil Nadu. Proton has condemned the possible block, stating that it will not prevent cybercriminals from using other email services and will only harm ordinary users. The Indian IT Ministry issued the notice to block Proton Mail at the request of the Tamil Nadu police. Proton Mail had previously removed its VPN servers in India due to a law requiring disclosure of customer information.

Britain's NCSC detects 'limited number' of UK victims in Microsoft hack campaign - The Economic Times

Economic Times

Economic Times · 1m ago

Britain's NCSC detects 'limited number' of UK victims in Microsoft hack campaign - The Economic Times

Britain's National Cyber Security Centre (NCSC) identified a limited number of UK victims in a hacking campaign targeting Microsoft SharePoint servers. Microsoft alerted about "active attacks" on these servers, although SharePoint Online in Microsoft 365 was unaffected. This exploit, known as a "zero day," poses ongoing risks to organisations using on-premises SharePoint systems. The incident highlights the continuous threat of cyber attacks on critical infrastructure and the need for vigilant cybersecurity measures.

Nvidia closes with $2 trillion valuation as Dell stokes AI rally

Economic Times

Economic Times · 1y ago

Nvidia closes with $2 trillion valuation as Dell stokes AI rally

Nvidia achieved a milestone as its stock market value closed above $2 trillion for the first time on Friday. The surge was fueled by an optimistic forecast from Dell Technologies, which uses Nvidia's processors in its high-end servers. Dell's positive outlook, indicating a surge in orders for its AI-optimized servers, caused its shares to jump by 32% and Nvidia's stock to rise by 4%. This elevated Nvidia to become the third most valuable company on Wall Street, behind Microsoft and Apple. Other chipmakers, including Super Micro Computer, Broadcom, Marvell Technology, and Advanced Micro Devices, also experienced record-high rallies.

Zero-Day Exploit Hits Microsoft SharePoint: FBI, Microsoft Warn Users to Patch Immediately

StartupTalky

StartupTalky · 1m ago

Zero-Day Exploit Hits Microsoft SharePoint: FBI, Microsoft Warn Users to Patch Immediately

A zero-day exploit targeting Microsoft SharePoint has been reported, prompting immediate patch installation warnings from Microsoft and the FBI. These attacks affect on-site SharePoint servers used by businesses and government bodies but do not impact SharePoint Online. The exploit allows attackers to perform spoofing, posing a significant risk. Concurrently, Microsoft is undergoing layoffs, impacting approximately 9,000 employees globally as part of structural changes to position the company for future success.

Feds bust leader of neo-Nazi cult who used Discord and Telegram to groom and exploit children

Business Insider

Business Insider · 1y ago

Feds bust leader of neo-Nazi cult who used Discord and Telegram to groom and exploit children

The leader of a racist pedophile cult was arrested for possession of child sexual abuse material. Kalana Limkin, the leader of the cult, was found to have created a splinter group called "Cultist" which aimed to groom and exploit children using extreme violence and explicit material. Limkin admitted to law enforcement that he used Discord and Telegram to desensitize vulnerable populations and corrupt minors. The FBI had been investigating a network of servers dedicated to spreading neo-Nazi ideology and exploiting children.

Critical vulnerability affecting most Linux distros allows for bootkits

Arstechnica

Arstechnica · 1y ago

Critical vulnerability affecting most Linux distros allows for bootkits

Linux developers are working on patching a high-severity vulnerability that enables the installation of firmware-level malware, granting deep-level access to an infected device. The vulnerability exists in shim, a component that runs in the firmware during the early boot process. Successful exploitation allows attackers to execute malicious firmware before the operating system starts, neutralizing the secure boot mechanism. The flaw, named CVE-2023-40547, is a buffer overflow that can be exploited through compromised devices or servers. Physical access to a device or administrative control could also be used to exploit the vulnerability.

This new Linux malware is targeting some major victims — Docker, Apache Hadoop, Redis and Confluence all under attack

Techradar

Techradar · 1y ago

This new Linux malware is targeting some major victims — Docker, Apache Hadoop, Redis and Confluence all under attack

Hackers are targeting misconfigured servers running Docker, Confluence, and other services to install cryptocurrency miners. Researchers have discovered a malware campaign that utilizes various payloads to exploit vulnerable servers, including those running Apache Hadoop YARN, Docker, Confluence, and Redis. The attackers take advantage of an unauthenticated and remote OGNL injection vulnerability to execute code and gain access. The malware drops a cryptocurrency miner, spawns a reverse shell, and maintains persistent access to compromised hosts. The specific threat actor behind the campaign has not been identified, but the shell script payloads resemble those used by TeamTNT and WatchDog.

Millions of Apple Airplay-enabled devices can be hacked via Wi-Fi

Arstechnica

Arstechnica · 4m ago

Millions of Apple Airplay-enabled devices can be hacked via Wi-Fi

Researchers from cybersecurity firm Oligo have uncovered vulnerabilities, called AirBorne, in Apple’s AirPlay protocol affecting millions of third-party devices. These bugs potentially allow hackers to exploit unpatched AirPlay-enabled devices on the same Wi-Fi network to spread malicious code and gain unauthorized access. While Apple has issued patches for its devices, many third-party gadgets may remain vulnerable. Hackers could use these devices to maintain access, hack networks, or conduct espionage.

HPE ships first batch of 1,000 Made-in-India servers

Economic Times

Economic Times · 1y ago

HPE ships first batch of 1,000 Made-in-India servers

Hewlett Packard Enterprise (HPE) has shipped its first batch of 1,000 data servers made in India, marking the company's progress towards achieving its $1 billion local manufacturing target over the next five years. HPE is using its contract partner VVDN Technologies for surface mount technology, contributing 80% of value addition in India through PCB assembly. These servers are primarily being used in the public sector, large telecom companies, and are now being expanded to the SMB and mid-market segments in tier-2 and tier-3 cities.

Mysuru’s Kaynes to make 3,000 RUDRA servers for govt’s CDAC

Economic Times

Economic Times · 1y ago

Mysuru’s Kaynes to make 3,000 RUDRA servers for govt’s CDAC

Kaynes Technology, an integrated electronics manufacturer in Mysuru, has been awarded a contract by the Centre for Development of Advanced Computing (CDAC) to manufacture 3,000 RUDRA high-performance computing (HPC) servers. These servers will be part of the National Supercomputing Mission (NSM) and will be used in sectors like data centres, banking, healthcare, and manufacturing. Traditionally, servers in India have been imported, but this contract signifies a move towards indigenous manufacturing. Kaynes Technology plans to start manufacturing the servers in the next 20 weeks.

Trackers

Active Indian VC’s

OG Capital Email

With a hands-on approach, OG Capital aims to invest in over 20 promising...

Accel Partners Email

Early and growth-stage investments in disruptive technology companies with...

Early-stage venture capital firm investing in technology startups in India. Focus on...

Access All Trackers

Startup Showcase Winners

Aug 2025

Build. Comply. Fund. Fly.

Crypto to INR payments app for Indians

Your CV, Done Right.

Enter Ongoing Startup Showcase

Top Users

Trending News on Medial

Download the medial app to read full posts, comements and news.