CVE-2021-26855

Top CVEs targeted by PRC state-sponsored cyber actors

The FBI, NSA and CISA coauthored a joint Cybersecurity Advisory detailing how People’s Republic of China (PRC) state-sponsored cyber actors continue to exploit common, publicly known vulnerabilities used since 2020 to “actively target U.S. and allied networks.”

Top CVEs targeted by PRC state-sponsored cyber actors Read More »

The Top 15 mostly commonly exploited vulnerabilities in 2021

The Cybersecurity Advisory (CSA) published details on the top 15 vulnerabilities most routinely exploited by malicious cyber actors in 2021. Common CVEs include Log4Shell, ProxyLogon, ProxyShell, ZeroLogon and others.

The Top 15 mostly commonly exploited vulnerabilities in 2021 Read More »

U.S. government releases advisories and indictments related to “sophisticated Chinese state-sponsored activity”

The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) have observed “sophisticated Chinese state-sponsored activity” targeting multiple public and private sectors in the United States.

U.S. government releases advisories and indictments related to “sophisticated Chinese state-sponsored activity” Read More »

CISA publishes reports on DearCry ransomware and China Chopper Web Shell malware linked to Exchange Server exploits (update-2)

The Cybersecurity and Infrastructure Security Agency (CISA) has published reports on DearCry ransomware and China Chopper Web Shell malware linked to recent Exchange Server exploits. Attackers can use this malware to further compromise on-premise Microsoft Exchange servers and launch other attacks.

CISA publishes reports on DearCry ransomware and China Chopper Web Shell malware linked to Exchange Server exploits (update-2) Read More »

Cybersecurity experts warn exploits grow ten-fold after Exchange Server zero-day vulnerabilities revealed

Cybersecurity experts are warning exploits against organizations worldwide have grown ten-fold after recent Microsoft Exchange Server zero-day vulnerabilities known as “ProxyLogon” were revealed.

Cybersecurity experts warn exploits grow ten-fold after Exchange Server zero-day vulnerabilities revealed Read More »

FBI and CISA issue urgent joint cybersecurity advisory on Exchange server hacks

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have issued an urgent joint cybersecurity advisory on the Microsoft Exchange vulnerability exploits, collectively known as “ProxyLogon.”

FBI and CISA issue urgent joint cybersecurity advisory on Exchange server hacks Read More »

Microsoft March 2021 Security Updates, fixes for 14 Critical bugs

Microsoft has released the March 2021 Security updates that includes patches for 89 vulnerabilities, 14 of those rated Critical. The fixes follow just after the tech giant released emergency patched for Exchange flaws being exploited in the wild.

Microsoft March 2021 Security Updates, fixes for 14 Critical bugs Read More »

Microsoft releases emergency patches for Exchange Server RCE vulnerabilities exploited in the wild (Updated)

Microsoft has released emergency out-of-band security updates to fix multiple Critical vulnerabilities impacting Microsoft Exchange Server 2013, 2016 and 2019, collectively known as “ProxyLogon.” The tech giant also published interim mitigations if organizations can not patch immediately, as well as an IOC detection tool.

Microsoft releases emergency patches for Exchange Server RCE vulnerabilities exploited in the wild (Updated) Read More »