CISA publishes reports on DearCry ransomware and China Chopper Web Shell malware linked to Exchange Server exploits (update-2)

• Post author:Frank Crast
• Post published:April 13, 2021
• Post category:Cybersecurity Attacks/Malware/Security Updates & Patches/Vulnerabilities & Exploits/Zero-days

The Cybersecurity and Infrastructure Security Agency (CISA) has published reports on DearCry ransomware and China Chopper Web Shell malware linked to recent Exchange Server exploits. Attackers can use this malware to further compromise on-premise Microsoft Exchange servers and launch other attacks.

Continue Reading CISA publishes reports on DearCry ransomware and China Chopper Web Shell malware linked to Exchange Server exploits (update-2)

Threat actors target vulnerable critical SAP applications

• Post author:Frank Crast
• Post published:April 6, 2021
• Post category:Configuration Management/Cybersecurity Attacks/Security Updates & Patches/Vulnerabilities & Exploits

Security experts from Onapsis and SAP have released a new threat intel report for SAP customers that warns of cyber threat actors targeting unprotected SAP applications.

Continue Reading Threat actors target vulnerable critical SAP applications

Personal data on 533 million Facebook users posted online

• Post author:Frank Crast
• Post published:April 5, 2021
• Post category:Cybersecurity Attacks/Data Breach/Data Privacy

A hacker has leaked personal data on an estimated 533 million Facebook users, to include phone numbers and Facebook account details. The data was leaked on a publicly accessible hacking forum.

Continue Reading Personal data on 533 million Facebook users posted online

Microsoft: New analysis of Exchange Server vulnerabilities and cyberattacks

• Post author:Frank Crast
• Post published:March 30, 2021
• Post category:Cybersecurity Articles/Cybersecurity Attacks/Security Monitoring/Vulnerabilities & Exploits

Microsoft has published new detailed analysis of Exchange Server vulnerabilities, cybercriminal groups and post-compromise second stage attack malware. In addition, the tech giant offered sound mitigation guidance.

Continue Reading Microsoft: New analysis of Exchange Server vulnerabilities and cyberattacks

Active exploits target WordPress sites running vulnerable Thrive Themes

• Post author:Frank Crast
• Post published:March 25, 2021
• Post category:Cybersecurity Attacks/Security Updates & Patches/Vulnerabilities & Exploits

Cybersecurity experts discovered active exploits against vulnerable WordPress sites running previously patched Thrive Themes and plugins.

Continue Reading Active exploits target WordPress sites running vulnerable Thrive Themes

Energy giant Shell latest victim in Accellion FTA cyberattacks

• Post author:Frank Crast
• Post published:March 24, 2021
• Post category:Cybersecurity Attacks/Data Breach/Security Updates & Patches/Vulnerabilities & Exploits/Zero-days

Energy giant Shell was the latest victim in a series of cyberattacks on customers of Accellion's legacy File Transfer Appliance (FTA) product used to transfer large files.

Continue Reading Energy giant Shell latest victim in Accellion FTA cyberattacks

Critical F5 BIG-IP vulnerability under active attack

• Post author:Frank Crast
• Post published:March 22, 2021
• Post category:Cybersecurity Attacks/Network Security/Security Updates & Patches/Vulnerabilities & Exploits

Security researchers are warning of mass scans and active exploits of a Critical vulnerability on F5 BIG-IP and BIG-IQ infrastructure. F5 patched the Critical remote code execution vulnerability CVE-2021-22986 nearly two weeks ago when the networking company confirmed an unauthenticated attacker could exploit the vulnerability.

Continue Reading Critical F5 BIG-IP vulnerability under active attack

FBI warns of PYSA Ransomware attacks against schools in the U.S. and U.K.

• Post author:Frank Crast
• Post published:March 20, 2021
• Post category:Cybersecurity Attacks/Malware

The Federal Bureau of Investigation (FBI) has warned of PYSA Ransomware attacks against schools located in the United States and United Kingdom.

Continue Reading FBI warns of PYSA Ransomware attacks against schools in the U.S. and U.K.

CHIRP tool scans for signs of APT compromise associated with SolarWinds and Azure/M365 cyberattacks

• Post author:Frank Crast
• Post published:March 19, 2021
• Post category:Cybersecurity Attacks/Security Monitoring/System Hardening/Third-Party Security

The DHS CISA cybersecurity team just released a new tool dubbed CHIRP, a forensics collection tool designed to help network defenders scan for indicators of compromise (IOCs) associated with the SolarWinds Orion and Active Directory/M365 compromise and cyberattacks.

Continue Reading CHIRP tool scans for signs of APT compromise associated with SolarWinds and Azure/M365 cyberattacks

Microsoft releases emergency patches for Exchange Server RCE vulnerabilities exploited in the wild (Updated)

• Post author:Frank Crast
• Post published:March 8, 2021
• Post category:Cybersecurity Attacks/Messaging Security/Security Updates & Patches/Vulnerabilities & Exploits/Zero-days

Microsoft has released emergency out-of-band security updates to fix multiple Critical vulnerabilities impacting Microsoft Exchange Server 2013, 2016 and 2019. The tech giant also published interim mitigations if organizations can not patch immediately, as well as an IOC detection tool.

Continue Reading Microsoft releases emergency patches for Exchange Server RCE vulnerabilities exploited in the wild (Updated)