We’re tracking a zero-day exploit affecting a still unpatched vulnerability in Plesk that enables an attacker to fully control a vulnerable webserver. Plesk is made by Parallels and is a popular hosting control panel. This vulnerability means all websites hosted on systems that use Plesk are at risk. This spells trouble not only for web […]
Due to additional research of the Trojan.Milicenso threat (a.k.a “Printer Bomb”), we have determined that the threat is downloaded by an .htaccess redirection Web attack and that at least 4,000 websites have been compromised by the gang responsible for the threat. Redirection using the .htaccess fileThe .htaccess file is a configuration file for Web servers that […]
This afternoon the Apache Foundation released an awaited fix to the denial of service (DoS) vulnerability reported a few days ago. The fixes in version 2.2.20 of the Apache httpd server reduce the amount of memory that is used by range requests. If the total bytes of a file requested exceed the total file size, […]
Latest Comments