My first article in this series covered why visibility into industrial environments is challenging yet necessary, highlighting three key questions to ask when evaluating industrial cybersecurity solutions.
Source: Read More (SecurityWeek RSS Feed)
Microsoft Exchange servers scanned for ProxyShell vulnerability, Patch Now www.bleepingcomputer.com/news/microsoft/microsoft-exchange-servers-scanned-for-proxyshell-vulnerability-patch-now/ Threat actors are now actively scanning for the Microsoft Exchange ProxyShell remote code execution vulnerabilities after technical details were released at the Black Hat conference. ProxyShell is the name for three vulnerabilities that perform unauthenticated, remote code execution on Microsoft Exchange servers when chained together. […]
Two newly discovered malicious Android applications on Google Play Store have been used to target users of Brazil’s instant payment ecosystem in a likely attempt to lure victims into fraudulently transferring their entire account balances into another bank account under cybercriminals’ control. “The attackers distributed two different variants of banking malware, named PixStealer and MalRhino, […]
Opportunistic threat actors have been found actively exploiting a recently disclosed critical security flaw in Atlassian Confluence deployments across Windows and Linux to deploy web shells that result in the execution of crypto miners on compromised systems. Tracked as CVE-2021-26084 (CVSS score: 9.8), the vulnerability concerns an OGNL (Object-Graph Navigation Language) injection flaw that Source: Read More […]