Critical F5 BIG-IP vulnerability under active attack

Security researchers are warning of mass scans and active exploits of a Critical vulnerability on F5 BIG-IP and BIG-IQ infrastructure. F5 patched the Critical remote code execution vulnerability CVE-2021-22986 nearly two weeks ago when the networking company confirmed an unauthenticated attacker could exploit the vulnerability.

Continue Reading Critical F5 BIG-IP vulnerability under active attack

CHIRP tool scans for signs of APT compromise associated with SolarWinds and Azure/M365 cyberattacks

The DHS CISA cybersecurity team just released a new tool dubbed CHIRP, a forensics collection tool designed to help network defenders scan for indicators of compromise (IOCs) associated with the SolarWinds Orion and Active Directory/M365 compromise and cyberattacks.

Continue Reading CHIRP tool scans for signs of APT compromise associated with SolarWinds and Azure/M365 cyberattacks

Chrome security update (89.0.4389.90) fixes zero-day exploited in the wild (CVE-2021-21193)

Google has released Chrome 88 security update (89.0.4389.90) for Windows, Mac and Linux with fixes for five vulnerabilities. One of those vulnerabilities has been exploited in the wild (CVE-2021-21193).

Continue Reading Chrome security update (89.0.4389.90) fixes zero-day exploited in the wild (CVE-2021-21193)

Cybersecurity experts warn exploits grow ten-fold after Exchange Server zero-day vulnerabilities revealed

Cybersecurity experts are warning exploits against organizations worldwide have grown ten-fold after recent Microsoft Exchange Server zero-day vulnerabilities were revealed.

Continue Reading Cybersecurity experts warn exploits grow ten-fold after Exchange Server zero-day vulnerabilities revealed

FBI and CISA issue urgent joint cybersecurity advisory on Exchange server hacks

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have issued an urgent joint cybersecurity advisory on the Microsoft Exchange vulnerability exploits.

Continue Reading FBI and CISA issue urgent joint cybersecurity advisory on Exchange server hacks

Microsoft March 2021 Security Updates, fixes for 14 Critical bugs

Microsoft has released the March 2021 Security updates that includes patches for 89 vulnerabilities, 14 of those rated Critical. The fixes follow just after the tech giant released emergency patched for Exchange flaws being exploited in the wild.

Continue Reading Microsoft March 2021 Security Updates, fixes for 14 Critical bugs