CVE-2021-1572

Web infrastructure and website security company Cloudflare on Thursday disclosed that it mitigated the largest ever volumetric distributed denial of service (DDoS) attack recorded to date.The attack, launched via a Mirai botnet, is said to have targeted an unnamed customer in the financial industry last month. “Within seconds, the botnet bombarded the Cloudflare edge with…

Exchange Server Post-Compromise Attack Activity Shared by Microsoft | IT Security News 29. March 2021 In the context of ongoing Exchange Server attacks, Microsoft has shared information detailing post-compromise activity which has infected vulnerable targets with ransomware and a botnet. When Microsoft released a fix for Exchange Server zero-days on March 2nd, organizations around the…

Application Security , Cybercrime , Device Identification Swiss Citizen Allegedly Leaked Victims’ Stolen Data, Including Source Code Jeremy Kirk (jeremy_kirk) , Mathew J. Schwartz (euroinfosec) • March 19, 2021     A Swiss national who recently highlighted flaws in internet-connected Verkada surveillance cameras has been charged with hacking. See Also: Top 50 Security Threats …

Four individuals behind a “bulletproof hosting” site have pleaded guilty to US racketeering charges, the Department of Justice (DoJ) has announced. The service, designed to accommodate criminal activities and help clients evade detection, was founded by Russians Aleksandr Grichishkin and Andrei Skvortsov. The other two parties are Lithuanian Aleksandr Skorodumov and Estonian Pavel Stassi, who…

Exchange Servers Under Active Attack via ProxyShell Bugs

Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime , Fraud Risk Management Agencies Say Russia’s SVR Continues to Target Vulnerable Networks Scott Ferguson (Ferguson_Writes) • April 26, 2021     The FBI and the Cybersecurity and Infrastructure Security Agency are warning of continued cyberthreats stemming from Russia’s Foreign Intelligence Service, or SVR, which the…