The DHS CISA cybersecurity team just released a new tool dubbed CHIRP, a forensics collection tool designed to help network defenders scan for indicators of compromise (IOCs) associated with the SolarWinds Orion and Active Directory/M365 compromise and cyberattacks.
Microsoft has released emergency out-of-band security updates to fix multiple Critical vulnerabilities impacting Microsoft Exchange Server 2013, 2016 and 2019. The tech giant also published interim mitigations for organizations that cannot patch immediately, as well as an IOC detection tool.
Microsoft has open sourced CodeQL queries used to scan for Solorigate malware activity that matches the SolarWinds supply-chain attack.
VMware has patched multiple vulnerabilities, including one Critical vulnerability (CVE-2021-21972) that has exposed thousands of servers online.
Cyber attackers have been exploiting Accellion File Transfer (FTA) appliance 0-day vulnerabilities to steal data and threaten their victims with extortion attempts.
Security researchers have discovered a new strain of macOS malware dubbed "Silver Sparrow" that has secretly infected nearly 30,000 Apple Mac devices.
U.S. Government cybersecurity experts have issued a security alert and analysis on AppleJeus malware used by North Korean threat actors to steal cryptocurrency.
Microsoft and FireEye have revealed new details on the infamous SolarWinds cyberattack used to spread a virus to 18,000 government and corporate computer networks.
A hacker remotely accessed a Florida city water treatment plant and attempted to increase the chemical level to "dangerous levels" before the cyberattack was thwarted.
Google has released a new Chrome 88 security update (88.0.4324.150) for Windows, Mac and Linux with a fix for a zero-day vulnerability (CVE-2021-21148) exploited in the wild.