Category: alerts
Category Added in a WPeMatico Campaign
-
Microsoft Releases Exchange On-premises Mitigation Tool
Original release date: March 16, 2021 Microsoft has released the Exchange On-premises Mitigation Tool (EOMT.ps1) that can automate portions of both the detection and patching process. Microsoft stated the following along with the release: “[the tool is intended] to help customers who do not have dedicated security or IT teams to apply these security updates.… Read more
-
Latest Mirai Variant Targets SonicWall, D-Link and IoT Devices
A new Mirai variant is targeting known flaws in D-Link, Netgear and SonicWall devices, as well as newly-discovered flaws in unknown IoT devices. Read more
-
Exchange Cyberattacks Escalate as Microsoft Rolls One-Click Fix
Public proof-of-concept (PoC) exploits for ProxyLogon could be fanning a feeding frenzy of attacks even as patching makes progress. Read more
-
Google Releases Spectre PoC Exploit For Chrome
Google has released the side-channel exploit in hopes of motivating web-application developers to protect their sites. Read more
-
Cybersecurity Bug-Hunting Sparks Enterprise Confidence
A survey from Intel shows that most organizations prefer tech providers to have proactive security, but few meet security expectations. Read more
-
Cyberattacks See Fundamental Changes, A Year into COVID-19
A year after COVID-19 was officially determined to be a pandemic, the methods and tactics used by cybercriminals have drastically changed. Read more
-
Vulnerability Summary for the Week of March 8, 2021
Original release date: March 15, 2021 High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info arubanetworks — airwave A remote authenticated arbitrary command execution vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0. Vulnerabilities in the AirWave CLI could allow remote authenticated users to run arbitrary… Read more
-
Google Warns Mac, Windows Users of Chrome Zero-Day Flaw
The use-after-free vulnerability is the third Google Chrome zero-day flaw to be disclosed in three months. Read more
-
Critical Security Hole Can Knock Smart Meters Offline
Unpatched Schneider Electric PowerLogic ION/PM smart meters are open to dangerous attacks. Read more
-
Updates on Microsoft Exchange Server Vulnerabilities
Original release date: March 13, 2021 CISA has added seven Malware Analysis Reports (MARs) to Alert AA21-062A: Mitigate Microsoft Exchange Server Vulnerabilities. Each MAR identifies a webshell associated with exploitation of the vulnerabilities in Microsoft Exchange Server products. After successful exploiting a Microsoft Exchange Server vulnerability for initial accesses, a malicious cyber actors can upload… Read more