Zero-day vulnerability in Desktop Window Manager (CVE-2021-28310) used in the wild

While analyzing the CVE-2021-1732 exploit originally discovered by the DBAPPSecurity Threat Intelligence Center and used by the BITTER APT group, we discovered another zero-day exploit we believe is linked to the same actor. We reported this new exploit to Microsoft Read More …

CISA gives federal agencies until Friday to patch Exchange servers

The US Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to install newly released Microsoft Exchange security updates by Friday. Today, Microsoft released security updates for four Microsoft Exchange vulnerabilities discovered by the NSA. These Exchange vulnerabilities are Read More …

NSA discovers critical Exchange Server vulnerabilities, patch now

Microsoft today has released security updates for Exchange Server that address a set of four vulnerabilities with severity scores ranging from high to critical. All the flaws lead to remote code execution on a vulnerable machine and were discovered and Read More …

FBI nuked web shells from hacked Exchange Servers without telling owners

A court-approved FBI operation was conducted to remove web shells from compromised US-based Microsoft Exchange servers without first notifying the servers’ owners. On March 2nd, Microsoft released a series of Microsoft Exchange security updates for vulnerabilities actively exploited by a Read More …

NAME:WRECK DNS vulnerabilities affect over 100 million devices

Security researchers today disclosed nine vulnerabilities affecting implementations of the Domain Name System protocol in popular TCP/IP network communication stacks running on at least 100 million devices. Collectively referred to as NAME: WRECK, the flaws could be leveraged to take Read More …

New Cring ransomware hits unpatched Fortinet VPN devices

A vulnerability impacting Fortinet VPNs is being exploited by a new human-operated ransomware strain known as Cring to breach and encrypt industrial sector companies’ networks. Cring ransomware (also known as Crypt3r, Vjiszy1lo, Ghost, Phantom) was discovered by Amigo_A in January Read More …

FBI: APTs Actively Exploiting Fortinet VPN Security Holes

The FBI and the Cybersecurity and Infrastructure Security Agency are warning that advanced persistent threat (APT) nation-state actors are actively exploiting known security vulnerabilities in the Fortinet FortiOS cybersecurity operating system, affecting the company’s SSL VPN products. According to an Read More …

APT10: sophisticated multi-layered loader Ecipekac discovered in A41APT campaign

In 2019, we observed an APT campaign targeting multiple industries, including the Japanese manufacturing industry and its overseas operations, that was designed to steal information. We named the campaign A41APT (not APT41) which is derived from the host name “DESKTOP-A41UVJV” Read More …

Apple releases emergency update for iPhones, iPads, and Apple Watch

Apple has released an emergency update to patch a serious vulnerability (https://support.apple.com/en-us/HT212258) found in iOS, iPadOS, and watchOS. The patches are iOS 14.4.2, iPadOS 14.4.2, and watchOS 7.3.3, respectively. The vulnerability, discovered by Google’s Threat Analysis Group, affects Apple’s WebKit Read More …