Research reveals that 75 percent of Redis Servers Contain Malware

A couple of months back, cyber security researchers cautioned about exposed Apache Solr, Windows, and Redis servers hit with cryptocurrency miners. Now, according to Imperva, there are several open Redis servers, and 70 percent of them show signs that they are infected with malicious software.
The security researchers say that Redis is a fantastic tool. It can work as an in-memory distributed database, a cache and a message broker. This widely popular tool is nevertheless exposed to malware: Redis servers are designed to be accessed by trusted clients inside trusted environments, they have no authentication by default, and all of the information is stored in clear text.
Regrettably, a simple Shodan search reveals that there are around 72,000 publicly available Redis servers.
Even though it is used by only the most sophisticated users, Redis is designed to run only in trusted environments where only trusted clients have access to the database. If these servers are exposed to the Internet, or to environments where untrusted users can reach the Redis TCP port or the UNIX socket directly, they can easily be compromised or infected with malware.
This happens for a number of reasons. Redis does not enable authentication by default; its authentication layer is optional. In addition, Redis does not support encryption, so all information is stored in plain text and can be accessed by untrusted actors if the servers are exposed to public networks.
How can you protect yourself?
  • Make sure that you are following the Redis security notes.
  • Do not, at any cost, expose your Redis server to the Internet.
  • If possible, apply authentication.
  • Do not save any sensitive information in clear text.
  • Monitor your Redis server to check whether it has been infected.
    • You may monitor the processes or the CPU consumption to see if crypto mining malware is running on your device.
  • Be careful while running Redis. Always run Redis with minimum privileges.
  • Do not run Redis as the root user, because it increases the potential damage an attacker can cause.
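
The exposure, authentication and privilege items in the list above can be checked mechanically against a server's configuration. The following is an added example, not code from Imperva or the Redis project: it parses `redis.conf` text and reports findings based on the real `bind`, `requirepass` and `protected-mode` directives. The function names, the `run_uid` parameter and both sample configurations are constructed for illustration.

```python
import shlex

LOOPBACK = {"127.0.0.1", "::1"}

# Constructed sample configurations (not taken from any real server).
WEAK = """
bind 0.0.0.0
protected-mode no
port 6379
"""
HARDENED = """
bind 127.0.0.1 -::1
protected-mode yes
requirepass "REPLACE_WITH_LONG_RANDOM_SECRET"
"""

def parse_conf(text):
    """Return {directive: [args]}; a later line overrides an earlier one."""
    conf = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = shlex.split(line)
        conf[parts[0].lower()] = parts[1:]
    return conf

def audit(text, run_uid=None):
    """Return findings for exposure, authentication and privilege."""
    conf = parse_conf(text)
    findings = []
    # With no bind directive Redis listens on every interface.
    # A leading "-" (Redis 6.2+) only means "skip if unavailable".
    binds = [a.lstrip("-") for a in conf.get("bind", [])]
    if not binds or any(a not in LOOPBACK for a in binds):
        findings.append("listens on a non-loopback interface")
    if not (conf.get("requirepass") or [""])[0]:
        findings.append("no requirepass: clients are not authenticated")
    if (conf.get("protected-mode") or ["yes"])[0].lower() == "no":
        findings.append("protected-mode is disabled")
    if run_uid == 0:  # uid of the redis-server process, supplied by caller
        findings.append("redis-server runs as root")
    return findings

if __name__ == "__main__":
    for name, text, uid in (("weak", WEAK, 0), ("hardened", HARDENED, 999)):
        print(name, audit(text, run_uid=uid))
```

A non-loopback bind is not necessarily Internet-facing, so treat that finding as a prompt to verify firewall rules. An instance that authenticates through ACL users instead of `requirepass` is still reported as unauthenticated by this check.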
Installing a robust antivirus such as Webroot can safeguard your devices and protect them from malware, viruses, spyware, Trojans, etc. These days, crypto miners are on the rise. Webroot antivirus runs in the background of the computer and provides protection in real time. It has an extensive virus database which keeps updating automatically from time to time. Moreover, the Webroot customer support is very amiable and adept at resolving all sorts of issues regarding Webroot. If you want to know how Webroot antivirus works, call the Webroot customer support phone number. The Webroot customer service staff will be happy to help you.
