"That Rackspace offered opaque updates for days, then admitted to a ransomware event without further customer assistance is outrageous," according to one attorney. Class-action lawsuits against Rackspace are popping up around the country.
Read More
LastPass had security incidents in 2011, 2015, 2016, 2017 (twice), 2019, 2021, and twice now in 2022. Are you still using them? Why?
Read More
There's an important security vulnerability in WHMCS 8.5.x and 8.6.x. WHMCS won't tell you what it is, but will tell you that you need to patch ASAP. No earlier versions are affected.
Read More
If you're seeing weird things in your logs, it's because the UK National Cyber Security Center has decided to scan all UK systems as part of their "Scanning the Internet for Fun and Profit" (their term). Click to learn how to opt-out.
Read More
"We lost your data. It's your problem. OKTHXBYE - Internap."
Read More
As of this morning, Uber has the following positions open: Senior Security Engineer - Application Security Security Engineer - Penetration Testing Security Engineer II Security Incident Commander II T...
Read More
Check out this sentence: "For the author, this business model enables them to scale their earnings from their software with less risk." I slightly modified the original, but we're not talking about a...
Read More
Sometimes you see stuff in the media and wonder if it's really news. Some celebrity broke up with some other celebrity. Some tech company released version X.Y which is .0001% better. LastPass was h...
Read More
Presenting at the Black Hat USA conference this week, Trend Micro had an interesting comment: Over the last few years, we’ve noticed a disturbing trend – a decrease in patch quality and a reduction in...
Read More
Twilio has suffered a data breach and the attackers "used the stolen credentials to gain access to some of our internal systems". Twilio is a messaging platform with a nice API. I used it last year t...
Read More
If your organization's data is being held for ransom by hackers, should you pay up? The universal consensus is that you shouldn't because it encourages criminals. But an earlier question needs to be...
Read MoreWordfence reports that hackers are widely attempting to exploit a vulnerability that they reported over three months ago. According to The Register: Wordfence disclosed the flaw almost three months a...
Read More
LowEndTalk member @Chuck alerted the community to a terrific deal: you can get a full access lifetime membership for Shodan.io for only $5 - that's 90% off the list price! However the deal expires at...
Read More
"Today Intel released two security advisories addressing 2 medium severity vulnerabilities reported by academic researchers from ETH Zurich who have labeled their side-channel attack as “Retbleed” due...
Read More
The Phishing Attack On April 9, 2022, some not-so-nice ungentleman went phishing. As announced on Low End Talk, phishing emails were received by several Low End Talk members. The phishing emails false...
Read More
Word is out of a new vulnerability in Chrome, and it sounds serious. If your browser has an update, you should definitely restart to apply to reach version 99.0.4844.84. New updates are out for Wind...
Read More
Okta (NASDAQ:OKTA), which provides digital identity authentication services to big companies, confirmed Tuesday that it had suffered a security breach. Their stock plunged nearly 9% as reports piled...
Read More
A new vulnerability that affects many Linux systems has been revealed: Pwnkit. This attack uses a vulnerability in polkitd to allow any user to escalate his privileges to root. There are patches for...
Read More
As a quick followup to our story from a couple days ago about the HostSolutions.ro hack, owner Marius has now commented on LowEndTalk, confirming the breach and adding some details. The entire thread...
Read More
News broke on Christmas Eve that HostSolutions.ro has been hacked. Community member @MikaelStrang posted the email below that he received from a hacker claiming to have the HostSolutions WHMCS databa...
Read MoreGartner, one of the world's major IT consulting firms, recently shared their "Top Strategic Predictions for 2022 and Beyond" at a conference. Most of the content concerned economic and technological...
Read More
Vulnerabilities don't get much worse than cases where typing the right characters into a chat box gives you remote access to the world's Minecraft servers. Whoops. It's been termed the worst hack in...
Read More
Now that (hopefully?) the CentOS Stream debacle and the subsequent rise of Alma and Rocky Linux is behind us, there's news from RedHat that RHEL 9 has gone beta. Is this the love child that will fina...
Read More
There are a number of ways you can restrict access to your VPS. Passwords (specifically, good passwords) is the most basic method. Restricting access to ssh keys only is better. You can use Google Aut...
Read More
Periodically I've had auditors come to me and say "can you tell me what this user on this system did between such-and-such dates/times" and my answer is usually no. By default, Linux systems don't log...
Read More
Security gurus have suggested for years that relying on SMS for two-factor authentication is a bad idea. Reasons include Your phone may be stolen Many people allow SMS messages to be displayed on lo...
Read More
Are passwords a dying breed? In a blog post published September 15, Microsoft Vice President of Security, Compliance, and Identity Vasu Jakkal entitled "The passwordless future is here for your Micros...
Read More
Feb 02, 2023
Feb 01, 2023
Feb 01, 2023
Jan 31, 2023
LowEndBox is dedicated to helping people run websites and services on low end dedicated servers and cheap virtual private servers, where you only need to pay a few dollars a month. Our mission is to help people find cheap vps hosting. [Learn more about LowEndBox]
MannDude / Feb 02, 2023
bac / Feb 02, 2023
Dvo / Nov 25, 2022
dustinc / Dec 26, 2022
