Cybersecurity security agencies from the United States, United Kingdom, Australia, Canada and New Zealand have published the top 12 routinely exploited vulnerabilities in 2022.
A security researcher has released proof-of-concept (PoC) exploit code for Microsoft Exchange ProxyNotShell vulnerabilities (CVE-2022-41040 and CVE-2022-41082).
The Cybersecurity Advisory (CSA) published details on the top 15 vulnerabilities most routinely exploited by malicious cyber actors in 2021. Common CVEs include Log4Shell, ProxyLogon, ProxyShell, ZeroLogon and others.
The Federal Bureau of Investigation (FBI) has issued a report of cybercriminals using AvosLocker ransomware to target 52 entities across critical infrastructure sectors. The report includes the latest indicators of compromise (IoC) on the ransomware threat.
Iranian state-sponsored advanced persistent threat (APT) actors have been targeting and exploiting Microsoft Exchange and Fortinet vulnerabilities.
Cyberattackers are scanning and exploiting ProxyShell vulnerabilities on unpatched Microsoft Exchange servers.
Microsoft July 2021 Security Updates includes fixes for 13 Critical RCEs, 3 zero-day vulnerabilities
Microsoft has released the July 2021 Security updates that includes patches for 117 vulnerabilities, 13 of those rated Critical. The updates also include fixes for 3 zero-day bugs exploited in the wild.