Category: alerts
-
Mandiant Front Lines: How to Tackle Exchange Exploits
Matt Bromiley, senior principal consultant with Mandiant, offers checklists for how small- and medium-sized businesses (SMBs) can identify and clear ProxyLogon Microsoft Exchange infections.
-
Gafgyt Botnet Lifts DDoS Tricks from Mirai
The IoT-targeted malware has also added new exploits for initial compromise, for Huawei, Realtek and Dasan GPON devices.
-
CISA and CNMF Analysis of SolarWinds-related Malware
Original release date: April 15, 2021. CISA and the Department of Defense (DoD) Cyber National Mission Force (CNMF) have analyzed additional SolarWinds-related malware variants—referred to as SUNSHUTTLE and SOLARFLARE. One of the analyzed files was identified as a China Chopper webshell server-side component that was observed on a network with an active SUNSHUTTLE infection. The…
-
Attackers Target ProxyLogon Exploit to Install Cryptojacker
Threat actors targeted compromised Exchange servers to host a malicious Monero cryptominer in an “unusual attack,” Sophos researchers discovered.
-
Security Bug Allows Attackers to Brick Kubernetes Clusters
The vulnerability is triggered when a cloud container pulls a malicious image from a registry.
-
Ransomware Attack Creates Cheese Shortages in Netherlands
Not a Gouda situation: An attack on a logistics firm is suspected to be related to a Microsoft Exchange server flaw.
-
NSA-CISA-FBI Joint Advisory on Russian SVR Targeting U.S. and Allied Networks
Original release date: April 15, 2021. CISA, the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI) have released a Joint Cybersecurity Advisory (CSA) on Russian Foreign Intelligence Service (SVR) actors scanning for and exploiting vulnerabilities to compromise U.S. and allied networks, including national security and government-related systems. Specifically, SVR actors are targeting…
-
FBI Clears ProxyLogon Web Shells from Hundreds of Orgs
In a veritable cyber-SWAT action, the Feds remotely removed the infections without warning businesses beforehand.
-
Microsoft Has Busy April Patch Tuesday with Zero-Days, Exchange Fixes
Microsoft fixes 110 vulnerabilities, with 19 classified as critical and another flaw under active attack.
-
Threat Actors Targeting Cybersecurity Researchers
Original release date: April 14, 2021. Google and Microsoft recently published reports on advanced persistent threat (APT) actors targeting cybersecurity researchers. The APT actors are using fake social media profiles and legitimate-looking websites to lure security researchers into visiting malicious websites to steal information, including exploits and zero-day vulnerabilities. APT groups often use elaborate social…