Microsoft Internal Solorigate Investigation Final Update
msrc-blog.microsoft.com/2021/02/18/microsoft-internal-solorigate-investigation-final-update/ We have now completed our internal investigation into the activity of the actor and want to share our findings, which confirm that we found no evidence of access to production services or customer data. The investigation also found no indications that our systems at Microsoft were used to attack others. For a small number of repositories, there was additional access, including in some cases, downloading component source code. These repositories contained code for: a small subset of Azure components (subsets of service, security, identity); a small subset of Intune components; a small subset of Exchange components.
SolarWinds attack hit 100 companies and took months of planning, says White House
www.zdnet.com/article/solarwinds-attack-hit-100-companies-and-took-months-of-planning-says-white-house/ The White House warns SolarWinds attack was more than espionage because the private sector targets could lead to follow-up attacks.
Exploit Details Emerge for Unpatched Microsoft Bug
threatpost.com/exploit-details-unpatched-microsoft-bug/164083/ A malicious website or malicious ad can trigger an exploit for the IE zero-day bug, opening the door for data theft and code execution, new analysis notes.
Windows and Linux servers targeted by new WatchDog botnet for almost two years
www.zdnet.com/article/windows-and-linux-servers-targeted-by-new-watchdog-botnet-for-almost-two-years/ WatchDog botnet uses exploits to take over servers and mine cryptocurrency.
RIPE NCC Internet Registry discloses SSO credential stuffing attack
www.bleepingcomputer.com/news/security/ripe-ncc-internet-registry-discloses-sso-credential-stuffing-attack/ RIPE NCC is warning members that they suffered a credential stuffing attack attempting to gain access to single sign-on (SSO) accounts.
SHAREit Flaw Could Lead to Remote Code Execution
www.trendmicro.com/en_us/research/21/b/shareit-flaw-could-lead-to-remote-code-execution.html We discovered several vulnerabilities in the application named SHAREit. The vulnerabilities can be abused to leak a user's sensitive data and execute arbitrary code with SHAREit permissions by using a malicious code or app. They can also potentially lead to Remote Code Execution (RCE).
Ninja Forms WordPress Plugin Bug Opens Websites to Hacks
threatpost.com/ninja-forms-wordpress-plugin-hacks/164042/ The popular plugin is installed on more than 1 million websites, and has four flaws that allow various kinds of serious attacks, including site takeover and email hijacking.
Hackers Leak Gigabytes Of Data Stolen From International Law Firm Jones Day
www.forbes.com/sites/leemathews/2021/02/18/hackers-leak-gigabytes-of-data-stolen-from-international-law-firm-jones-day/ Last month hackers infiltrated a server used by Jones Day, one of the largest and most successful law firms in the world. After failed attempts to extort payment from the firm, the hackers have now uploaded gigabytes of highly sensitive data that were stolen in the attack.
Estonian Foreign Intelligence Service public report 2021
valisluureamet.ee/en.html The Estonian Foreign Intelligence Service has published a report covering the security situation in the Baltic Sea region.
Nurserycam horror show: ‘Secure’ daycare video monitoring product beamed DVR admin creds to all users
www.theregister.com/2021/02/18/nurserycam_security_problems_footfallcam_ltd/ Company has a habit of reacting badly to vuln disclosures