Security researchers have discovered new remote access trojan (RAT) malware that has created an unusual new way of hiding on servers. As first reported on BleepingComputer, this new malware, dubbed CronRAT, hides in scheduled tasks on Linux servers by being set for execution on February 31, a date that doesn't exist. Discovered and named by e-commerce security specialist Sansec, CronRAT is part of a growing trend in Linux server-focused Magecart malware. CronRAT is used to enable server-side Magecart data theft. The security company describes the malware as "sophisticated" and it remains undetected by most antivirus vendors.
A remote code execution vulnerability in PHP7, tracked as CVE-2019-11043, has been exploited in attacks in the wild. On October 22, the security expert Omar Ganiev announced via Twitter the availability of a "freshly patched" remote code execution vulnerability in PHP-FPM, the FastCGI Process Manager (FPM) for PHP. The researchers also shared a link to the PoC code published on the GitHub repository. Many nginx PHP configurations vulnerable, watch out! Thin means that the issue only impacts NGINX servers with PHP-FPM enabled.
When we help NGINX users who are having problems, we often see the same configuration mistakes we've seen over and over in other users' configurations – sometimes even in configurations written by fellow NGINX engineers! In this blog we look at 10 of the most common errors, explaining what's wrong and how to fix it. But it's important to keep in mind that ultimately there is another limit on the number of simultaneous connections per worker: the operating system limit on the maximum number of file descriptors (FDs) allocated to each process. In modern UNIX distributions, the default limit is 1024. For all but the smallest NGINX deployments, a limit of 512 connections per worker is probably too small.
Undoubtedly internet is a miracle that has connected the world in an explicit way that mass communication lies just a click away. With the revolution in communication and information technology, many new websites, blogs, and hosting services have been launched this past decade. It becomes exceptionally tedious to control the increasing load of incoming traffic over a particular domain or a website. If not attended to the overlapping traffic cover the servers right away, the website or the domain could have a serious meltdown. No matter how many servers are installed to solve the problem of increasing the traffic, the system can't become stable.
Web server and application delivery company NGINX has unveiled a suite of products that will allow teams to build or modernise applications using DevOps tools and includes best practices for cloud, containers, and microservices. Its new NGINX Application Platform combines application delivery tools, an application server and policy-driven monitoring and management, the company said. Until now, these services, where available, have existed as separate, discrete systems. NGINX believes that the new platform will provide a number of benefits including, "added agility, stability, improved governance, and visibility". NGINX Plus - a combined load balancer, content cache and web server.