Author: DEFENDEDGE

Public proof-of-concept (PoC) exploits for ProxyLogon could be fanning a feeding frenzy of attacks even as patching makes progress. Read more

Google has released the side-channel exploit in hopes of motivating web-application developers to protect their sites. Read more

A survey from Intel shows that most organizations prefer tech providers to have proactive security, but few meet security expectations. Read more

A year after COVID-19 was officially determined to be a pandemic, the methods and tactics used by cybercriminals have drastically changed. Read more

Original release date: March 15, 2021   High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info arubanetworks — airwave A remote authenticated arbitrary command execution vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0. Vulnerabilities in the AirWave CLI could allow remote authenticated users to run arbitrary… Read more

The use-after-free vulnerability is the third Google Chrome zero-day flaw to be disclosed in three months. Read more

Unpatched Schneider Electric PowerLogic ION/PM smart meters are open to dangerous attacks. Read more

Original release date: March 13, 2021 CISA has added seven Malware Analysis Reports (MARs) to Alert AA21-062A: Mitigate Microsoft Exchange Server Vulnerabilities. Each MAR identifies a webshell associated with exploitation of the vulnerabilities in Microsoft Exchange Server products. After successful exploiting a Microsoft Exchange Server vulnerability for initial accesses, a malicious cyber actors can upload… Read more

The multinational brewing company did not say what type of incident caused a ‘systems outage,’ but it’s investigating and working to get networks back online. Read more

At least 10 nation-state-backed groups are using the ProxyLogon exploit chain to compromise email servers, as compromises mount. Read more