Microsoft: New analysis of Exchange Server vulnerabilities and cyberattacks

Microsoft has published new detailed analysis of Exchange Server vulnerabilities, cybercriminal groups and post-compromise second stage attack malware. In addition, the tech giant offered sound mitigation guidance.

Continue Reading Microsoft: New analysis of Exchange Server vulnerabilities and cyberattacks

Samba fixes two High severity bugs (CVE-2020-27840 and CVE-2021-20277)

Samba has released software updates to fix two High severity security vulnerabilities (CVE-2020-27840 and CVE-2021-20277) that impact Samba products. A remote attacker could take advantage of these bugs and exploit unpatched systems.

Continue Reading Samba fixes two High severity bugs (CVE-2020-27840 and CVE-2021-20277)

OpenSSL patches two High risk vulnerabilities (CVE-2021-3449 and CVE-2021-3450)

OpenSSL has patched two High severity vulnerabilities CVE-2021-3449 and CVE-2021-3450 in certain OpenSSL versions. As a result, a bad actor could exploit and launch a Denial of Service attack against impacted systems.

Continue Reading OpenSSL patches two High risk vulnerabilities (CVE-2021-3449 and CVE-2021-3450)

Critical F5 BIG-IP vulnerability under active attack

Security researchers are warning of mass scans and active exploits of a Critical vulnerability on F5 BIG-IP and BIG-IQ infrastructure. F5 patched the Critical remote code execution vulnerability CVE-2021-22986 nearly two weeks ago when the networking company confirmed an unauthenticated attacker could exploit the vulnerability.

Continue Reading Critical F5 BIG-IP vulnerability under active attack