Microsoft: Two New 0-Day Flaws in Exchange Server

Microsoft Corp. is investigating reports that attackers are exploiting two previously unknown vulnerabilities in Exchange Server, a technology many organizations rely on to send and receive email. Microsoft says it is expediting work on software patches to plug the security holes. In the meantime, it is urging a subset of Exchange customers to enable a […]

Cyber News

Hackers Hide Malware in Windows Logo, Target Middle East Governments

The group continued to use the LookBack backdoor, but also several new types of malware

Cyber News

SolarMarker Attack Leverages Weak WordPress Sites, Fake Chrome Browser Updates

The SolarMarker group is exploiting a vulnerable WordPress-run website to encourage victims to download fake Chrome browser updates, part of a new tactic in its watering-hole attacks.

Cyber News

Hackers Backdoor Pirated Windows OS With Cryptominer and Xtreme RAT

The behavior of the actors was reportedly identical to what was described by Minerva Labs in 2021

Cyber News

With the Software Supply Chain, You Can’t Secure What You Don’t Measure

Reports to the National Vulnerability Database jumped in 2022, but we should pay just as much attention to the flaws that are not being reported to NVD, including those affecting the software supply chain.

Cyber News

Security Vulnerabilities in Covert CIA Websites

Back in 2018, we learned that covert system of websites that the CIA used for communications was compromised by—at least—China and Iran, and that the blunder caused a bunch of arrests, imprisonments, and executions. We’re now learning that the CIA is still “using an irresponsibly secured system for asset communication.” Citizen Lab did the research: […]

Cyber News

The cost of a short code for SMS using AWS Pinpoint

$650 on time fee and a charge of $995 per month I wrote about how I was trying to get a short code for AWS Pinpoint here: Sending an SMS Message from a Lambda Function I have requested a pinpoint short code a few times on AWS and had issues getting through the process. This is the […]

Cyber News

Microsoft Confirms Two Exchange Zero-Day Vulnerabilities

The vulnerabilities were first discovered by Vietnamese cybersecurity firm GTSC

Cyber News

New Malware Families Found Targeting VMware ESXi Hypervisors

Threat actors have been found deploying never-before-seen post-compromise implants in VMware’s virtualization software to seize control of infected systems and evade detection. Google’s Mandiant threat intelligence division referred to it as a “novel malware ecosystem” that impacts VMware ESXi, Linux vCenter servers, and Windows virtual machines, allowing attackers to maintain persistent access

Cyber News

Year: 2022

Microsoft: Two New 0-Day Flaws in Exchange Server

Hackers Hide Malware in Windows Logo, Target Middle East Governments

SolarMarker Attack Leverages Weak WordPress Sites, Fake Chrome Browser Updates

Hackers Backdoor Pirated Windows OS With Cryptominer and Xtreme RAT

With the Software Supply Chain, You Can’t Secure What You Don’t Measure

Security Vulnerabilities in Covert CIA Websites

The cost of a short code for SMS using AWS Pinpoint

Microsoft Confirms Two Exchange Zero-Day Vulnerabilities

New Malware Families Found Targeting VMware ESXi Hypervisors

Company

Services

Important Links

Get In Touch