Category: alerts

Original release date: April 16, 2021 WordPress versions 4.7-5.7 are affected by multiple vulnerabilities. An attacker could exploit one of these vulnerabilities to take control of an affected website.  CISA encourages users and administrators to review the WordPress Security and Maintenance Release and upgrade to WordPress 5.7.1. This product is provided subject to this Notification and… Read more

The zero-day flaw research group has revised its disclosure of the technical details of vulnerabilities in the hopes of speeding up the release and adoption of fixes. Read more

Matt Bromiley, senior principal consultant with Mandiant, offers checklists for how small- and medium-sized businesses (SMBs) can identify and clear ProxyLogon Microsoft Exchange infections. Read more

The IoT-targeted malware has also added new exploits for initial compromise, for Huawei, Realtek and Dasan GPON devices. Read more

Original release date: April 15, 2021 CISA and the Department of Defense (DoD) Cyber National Mission Force (CNMF) have analyzed additional SolarWinds-related malware variants—referred to as SUNSHUTTLE and SOLARFLARE. One of the analyzed files was identified as a China Chopper webshell server-side component that was observed on a network with an active SUNSHUTTLE infection. The… Read more

Threat actors targeted compromised Exchange servers to host malicious Monero cryptominer in an “unusual attack,” Sophos researchers discovered. Read more

The vulnerability is triggered when a cloud container pulls a malicious image from a registry. Read more

Not a Gouda situation: An attack on a logistics firm is suspected to be related to Microsoft Exchange server flaw. Read more

Original release date: April 15, 2021 CISA, the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI) have released a Joint Cybersecurity Advisory (CSA) on Russian Foreign Intelligence Service (SVR) actors scanning for and exploiting vulnerabilities to compromise U.S. and allied networks, including national security and government-related systems. Specifically, SVR actors are targeting… Read more

In a veritable cyber-SWAT action, the Feds remotely removed the infections without warning businesses beforehand. Read more