Microsoft April 2021 Patch Tuesday fixes 108 flaws, 5 zero-days
www.bleepingcomputer.com/news/microsoft/microsoft-april-2021-patch-tuesday-fixes-108-flaws-5-zero-days/ Today is Microsoft’s April 2021 Patch Tuesday, and with it comes five zero-day vulnerabilities and more Critical Microsoft Exchange vulnerabilities. It has been a tough couple of months for Windows and Microsoft Exchange admins, and it looks like April won’t be any easier, so please be nice to your IT staff today. There are also five zero-day vulnerabilities patched today that were publicly disclosed, with one known to be used in attacks. To make matters worse, Microsoft fixed four critical Microsoft Exchange vulnerabilities that the NSA discovered. See also:
Released: April 2021 Exchange Server Security Updates
techcommunity.microsoft.com/t5/exchange-team-blog/released-april-2021-exchange-server-security-updates/ba-p/2254617 Vulnerabilities addressed in the April 2021 security updates were responsibly reported to Microsoft by a security partner. Although we are not aware of any active exploits in the wild, our recommendation is to install these updates immediately to protect your environment.
RCE Exploit Released for Unpatched Chrome, Opera, and Brave Browsers
thehackernews.com/2021/04/rce-exploit-released-for-unpatched.html An Indian security researcher has publicly published a proof-of-concept (PoC) exploit code for a newly discovered flaw impacting Google Chrome and other Chromium-based browsers like Microsoft Edge, Opera, and Brave. While Google has addressed the issue in the latest version of V8, it’s yet to make its way to the stable channel, thereby leaving the browsers vulnerable to attacks.
NAME:WRECK, a potential IoT trainwreck
blog.malwarebytes.com/reports/2021/04/namewreck-a-potential-iot-trainwreck/ A set of vulnerabilities has been found in the way a number of popular TCP/IP stacks handle DNS requests. Potentially this could impact hundreds of millions of servers, smart devices, and industrial equipment. The researchers that discovered the vulnerabilities have named them NAME:WRECK. For an attacker to use these vulnerabilities they have to find a way to send a malicious packet in reply to a legitimate DNS request. So the attacker will have to run a person-in-the-middle attack or be able to use an existing vulnerability like DNSpooq between the target device and the DNS server to pull this off.
Swedish Security Service: Russia's GRU behind series of data breaches
www.is.fi/digitoday/tietoturva/art-2000007916952.html The Swedish Security Service Säpo accuses Russia's military intelligence agency GRU of extensive data breaches in 2017 and 2018.
QBot malware is back replacing IcedID in malspam campaigns
www.bleepingcomputer.com/news/security/qbot-malware-is-back-replacing-icedid-in-malspam-campaigns/ Malware distributors are rotating payloads once again, switching between trojans that are many times an intermediary stage in a longer infection chain. In one case, the tango seems to be with QBot and IcedID, two banking trojans that are often seen delivering various ransomware strains as the final payload in the attack.
Zero-day vulnerability in Desktop Window Manager (CVE-2021-28310) used in the wild
securelist.com/zero-day-vulnerability-in-desktop-window-manager-cve-2021-28310-used-in-the-wild/101898/ While analyzing the CVE-2021-1732 exploit originally discovered by the DBAPPSecurity Threat Intelligence Center and used by the BITTER APT group, we discovered another zero-day exploit we believe is linked to the same actor.
Sorry, Joe Biden isn't offering you a work visa, it's a scam
blog.malwarebytes.com/malwarebytes-news/2021/04/sorry-joe-biden-isnt-offering-you-a-work-visa-its-a-scam/ A US diplomatic mission in Nigeria warns of a visa scam affecting Nigerian citizens looking to move to the United States. It's an old scam message, dressed up with a fresh coat of paint. Shall we take a look?
CS:GO, Valve Source games vulnerable to hacking using Steam invites
www.bleepingcomputer.com/news/security/cs-go-valve-source-games-vulnerable-to-hacking-using-steam-invites/ A group of security researchers known as the Secret Club took to Twitter to report a remote code execution bug in the Source 3D game engine developed by Valve and used for building games with tens of millions of unique players.
Deep Analysis: New FormBook Variant Delivered in Phishing Campaign Part I
www.fortinet.com/blog/threat-research/deep-analysis-new-formbook-variant-delivered-phishing-campaign-part-I FortiGuard Labs captured a phishing campaign that was sending a Microsoft PowerPoint document as an email attachment to spread the new variant of the FormBook malware.