“BadAlloc” vulnerabilities impact broad range of IoT and OT devices

Security researchers from Microsoft have discovered a collection of vulnerabilities dubbed "BadAlloc" that affect a broad range of IoT and OT devices in industrial, medical and consumer sectors.

Continue Reading“BadAlloc” vulnerabilities impact broad range of IoT and OT devices

New Supernova malware analysis reveals new APT cyberattack methods against vulnerable SolarWinds infrastructure

The Cybersecurity and Infrastructure Security Agency (CISA) has published a new analysis report on Supernova malware used in a cyberattack and long term compromise of an entity's network and SolarWinds systems.

Continue ReadingNew Supernova malware analysis reveals new APT cyberattack methods against vulnerable SolarWinds infrastructure

CISA publishes reports on DearCry ransomware and China Chopper Web Shell malware linked to Exchange Server exploits (update-2)

The Cybersecurity and Infrastructure Security Agency (CISA) has published reports on DearCry ransomware and China Chopper Web Shell malware linked to recent Exchange Server exploits. Attackers can use this malware to further compromise on-premise Microsoft Exchange servers and launch other attacks.

Continue ReadingCISA publishes reports on DearCry ransomware and China Chopper Web Shell malware linked to Exchange Server exploits (update-2)

Microsoft: New analysis of Exchange Server vulnerabilities and cyberattacks

Microsoft has published new detailed analysis of Exchange Server vulnerabilities, cybercriminal groups and post-compromise second stage attack malware. In addition, the tech giant offered sound mitigation guidance.

Continue ReadingMicrosoft: New analysis of Exchange Server vulnerabilities and cyberattacks