Bruce force attacks are attempts to guess common passwords by repeatedly trying to login to your server. SSH is the most common target but FTP, IMAP, POP3, and other password-based systems can be targeted. While you, as perhaps a more sophisticated user, may choose strong passwords, your users may not. Shared hosting servers with thousands […]
Insurers Tire of Paying Ransom to Cyber Crooks
crime, cybercriminal, hosting industry, insurance, ransomware, Security 
July 20, 2021 @ 12:00 am, by raindog308Loss ratios in the cyber insurance world have skyrocketed in recent years – surging 400% year over year. They have hit 70% of paid premiums, which some industry commentators are saying is unsustainable. Previously, standard policy was to “pay the ransom,” but this attitude may be changing. “The ransomware groups got way too greedy too quickly. […]
Beware Black Hat Cookie Stuffing Affiliate Marketing
cookie stuffers, cookie stuffing, gdpr, http cookie, magic cookie, Security, web July 18, 2021 @ 12:00 am, by raindog308Hey, you just browsed my site And this is a crazy Here’s a cookie you didn’t ask for So make me some money maybe! — Cookie Monster, Share It Maybe (sort of) In the LowEnd hosting world, many providers run affiliate programs, which are a completely legitimate marketing method. The way it works is that […]
Seven Years in the Making: Interview with Jordan Smith of BillingServ
Our interview series has featured a lot of industry leaders and we continue today by talking with Jordan Smith, founder and director of BillingServ. He’s also known as @Jord on LowEndTalk where he is a moderator. Read on to learn about this popular billing solution, security in the SaaS space, and Jord’s hot secretary! Where in […]
Guide to Understanding File Permissions in Linux
file permissions, linux, linux file permissions, Security, sysadmin, system administation, tutorial May 16, 2021 @ 7:16 am, by raindog308Since very early in its history, Unix systems have supported file and directory permissions. This security mechanism allow users to make their files private from other users, and for administrators to protect system configuration information from unauthorized changes. In this tutorial we’ll go over the basics of Unix file permissions. Users and Groups All files […]
STU Telecom is Launching an IP Reputation Service
bruce force, ip reputation, port scanning, Security, stu telecom, voip invitations, voip invites May 6, 2021 @ 12:00 am, by raindog308Stuart Elvish from STU Telecom reached out to us to tell us a little about a new IP reputation service they’re rolling out. They submitted a nice writeup and invitation to LEB members to try out the service. If you’re interested in checking the reputation of IPs to see if any nefarious activities are originating […]
Patch Your Exim Installs: “21 Nails” Vulnerability
Thanks to LowEndTalk administrator emeritus @jar for alerting the community to a range of exim vulnerabilities published by Qualys. There is a family of both local and remote vulnerabilities. tl;dr: patch your exim installs. 4.94.2 is the minimum you should be running. Not all distros don’t updates available yet.
DigitalOcean Customer Billing Data Exposed in Security Breach
DigitalOcean (DOCN) acknowledged today that it has informed some customers that DO had “confirmed an unauthorized exposure of details associated with the billing profile on your DigitalOcean account.” DO has since fixed the security flaw that lead to this unauthorized access, which happened between April 9 and April 22. A copy of the email to […]
A Group of Friends Making One of the World’s Most Popular Panels: Interview with DirectAdmin’s Co-Owner, Martynas Bendorius
alma linux, apache, centos, cpanel, debian, directadmin, freebsd, linux, PHP, Security, shared hosting, ubuntu April 28, 2021 @ 12:00 am, by raindog308Our interview series has featured some of the true titans of the hosting industry. We’re very excited to interview Martynas Bendorius, one of the owners of DirectAdmin. As one of the most popular and respected hosting panels, DirectAdmin has been in the game for 20 years, which is like multiple lifetimes in the software or […]
Comment Free For All: Hacking in the Movies
I once watched an episode of Law & Order with a friend who is an attorney. From the moment the action switched from the police to the prosecutors, he was tied up in knots, shouting at the screen all the inaccuracies in the way the courtroom proceedings were portrayed. I feel the same way about […]