Hackers Infect 50,000 MS-SQL and PHPMyAdmin Servers with Rootkit Malware

Haythem Elmir

Cybersecurity researchers at Guardicore Labs today published a detailed report on a widespread cryptojacking campaign attacking Windows MS-SQL and PHPMyAdmin servers worldwide. Dubbed Nansh0u, the malicious campaign is reportedly being carried out by an APT-style Chinese hacking group that has already infected nearly 50,000 servers and is installing a sophisticated kernel-mode rootkit […]

Misconfigured database belonging to Amadeus exposed information of 15 million passengers

Haythem Elmir

The database contained information on 36 million booked flights, 15 million passengers, over one million hotel bookings, and 700,000 visa applications. Information on international travel plans of high-ranking Israeli diplomats including Israeli Prime Minister Benjamin Netanyahu has been exposed. What is the issue? A misconfigured database belonging to Amadeus’ Alp.co.il, […]

CVE-2019-0708 Technical Analysis (RDP-RCE)

Haythem Elmir

Microsoft's Patch Tuesday this May (2019) comes with a patch for a critical RDP RCE vulnerability, CVE-2019-0708. The remote code execution vulnerability exists in Remote Desktop Services (RDP), is pre-authentication, and requires no user interaction. Microsoft described it as “wormable”, so we could see a new WannaCry hit the world! […]