New PoC for Microsoft Exchange bugs puts attacks in reach of anyone
www.bleepingcomputer.com/news/security/new-poc-for-microsoft-exchange-bugs-puts-attacks-in-reach-of-anyone/ A security researcher has released a new proof-of-concept exploit this weekend that requires slight modification to install web shells on Microsoft Exchange servers vulnerable to the actively exploited ProxyLogon vulnerabilities. Will Dorman, a Vulnerability Analyst at the CERT/CC, tested the vulnerability on a Microsoft exchange server and told BleepingComputer that it worked with very little modification. “It’s within the reach of “script kiddie” now, ” warned Dorman in our discussion about the PoC.
Threat Assessment: DearCry Ransomware
unit42.paloaltonetworks.com/dearcry-ransomware/ Last week, Microsoft reported that attackers compromised Exchange Mail Servers with the use of four zero-day vulnerabilities. While patches have been released by Microsoft, adversaries are still attacking vulnerable versions of Microsoft Exchange Servers with malicious tools, malware and data exfiltration. Further, Microsoft has confirmed the existence of a ransomware variant leveraging these vulnerabilities, which has been dubbed “DearCry.”. It is reasonable to suspect that the ransomware authors were paying homage to an unrelated yet infamous ransomware family, “WannaCry, ” which was used as a payload within an orchestrated attack campaign leveraging known Microsoft vulnerabilities to infect victims en masse.
Microsoft Probes Whether Leak Played Role in Suspected Chinese Hack
www.wsj.com/articles/microsoft-probing-whether-leak-played-role-in-suspected-chinese-hack-11615575793 Microsoft Corp. is investigating whether the hackers behind a world-wide cyberattack may have obtained sensitive information necessary to launch the attack from private disclosures it made with some of its security partners, according to people familiar with the matter.
Huawei Listed Anew as Threat to US National Security
www.securityweek.com/huawei-listed-anew-threat-us-national-security US regulators on Friday listed Huawei among Chinese telecom gear firms deemed a threat to national security, signaling that a hoped for softening of relations is not in the cards.
Tuntuuko sinustakin, että internet on pilalla? Ylen haastattelussa Wikipedian johtaja, joka uskoo, että nyt alkaa uusi aika: “Tilinteko on todennäköinen”
yle.fi/uutiset/3-11770643 “Viestintävälineitä voidaan hyödyntää kuin aseita. Aiemmin sellainen oli mahdollista vain hallituksille”, Ryan Merkley sanoo.