CVE-2021-34473 Archives

Top 12 Most Routinely Exploited vulnerabilities in 2022

Cybersecurity Attacks, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / August 18, 2023 / Apache, BIG-IP, CVE-2018-13379, CVE-2021-26084, CVE-2021-31207, CVE-2021-34473, CVE-2021-34523, CVE-2021-40539, CVE-2021-44228, CVE-2022-1388, CVE-2022-22954, CVE-2022-22960, CVE-2022-26134, CVE-2022-30190, F5, Log4j, log4Shell, ProxyShell, Zoho

Cybersecurity security agencies from the United States, United Kingdom, Australia, Canada and New Zealand have published the top 12 routinely exploited vulnerabilities in 2022.

ProxyNotShell POC exploit code released

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / November 20, 2022 / CVE-2021-34473, CVE-2022-41040, CVE-2022-41082, Exploit, POC, ProxyNotShell, ProxyShell

A security researcher has released proof-of-concept (PoC) exploit code for Microsoft Exchange ProxyNotShell vulnerabilities (CVE-2022-41040 and CVE-2022-41082).

The Top 15 mostly commonly exploited vulnerabilities in 2021

Cybersecurity Attacks, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / May 2, 2022 / CVE-2018-13379, CVE-2019-11510, CVE-2020-0688, CVE-2020-1472, CVE-2021-21972, CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065, CVE-2021-31207, CVE-2021-34473, CVE-2021-34523, CVE-2021-40539, CVE-2021-44228, log4Shell, ProxyLogon, ProxyShell, Zerologon

The Cybersecurity Advisory (CSA) published details on the top 15 vulnerabilities most routinely exploited by malicious cyber actors in 2021. Common CVEs include Log4Shell, ProxyLogon, ProxyShell, ZeroLogon and others.

ransomware, cybersecurity, cyber-3998798.jpg

FBI: AvosLocker Ransomware targets victims in critical infrastructure sectors

Malware, Vulnerabilities & Exploits / By Frank Crast / March 21, 2022 / AvosLocker, CVE-2021-31207, CVE-2021-34473, CVE-2021-34523, FBI, IOC, malware

The Federal Bureau of Investigation (FBI) has issued a report of cybercriminals using AvosLocker ransomware to target 52 entities across critical infrastructure sectors. The report includes the latest indicators of compromise (IoC) on the ransomware threat.

Iranian state-sponsored APT actors target Microsoft Exchange and Fortinet vulnerabilities

Cybersecurity Attacks, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / November 18, 2021 / APT, ChamelGang, CVE-2018-13379, CVE-2019-5591, CVE-2020-12812, CVE-2021-34473, Exchange, Fortigate, Fortinet, ProxyShell, VPN

Iranian state-sponsored advanced persistent threat (APT) actors have been targeting and exploiting Microsoft Exchange and Fortinet vulnerabilities.

Cyberattackers exploiting ProxyShell vulnerabilities

Cybersecurity Attacks, Vulnerabilities & Exploits / By Frank Crast / August 25, 2021 / CVE-2021-34473, CVE-2021-34523, Exchange, LockFile, Microsoft, ProxyShell

Cyberattackers are scanning and exploiting ProxyShell vulnerabilities on unpatched Microsoft Exchange servers.

Microsoft July 2021 Security Updates includes fixes for 13 Critical RCEs, 3 zero-day vulnerabilities

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / By Frank Crast / July 14, 2021 / CVE-2021-33740, CVE-2021-34439, CVE-2021-34448, CVE-2021-34450, CVE-2021-34458, CVE-2021-34464, CVE-2021-34473, CVE-2021-34474, CVE-2021-34494, CVE-2021-34497, CVE-2021-34503, CVE-2021-34522, CVE-2021-34527, Dynamics, Exchange, Malware Protection Engine, Windows, Windows 10, Windows Server

Microsoft has released the July 2021 Security updates that includes patches for 117 vulnerabilities, 13 of those rated Critical. The updates also include fixes for 3 zero-day bugs exploited in the wild.