Another zero-day vulnerability in SolarWinds Serv-U product exploited by cyber criminals

LinkedIn has denied allegations of data breach after LinkedIn data of over 700 million users was reported exposed on the dark web. According to a report by Restore Privacy, an unknown hacker has obtained a new dataset of over 700 million LinkedIn users containing details including phone numbers, physical addresses, geolocation data, and inferred salaries….

Critical Infrastructure Security , Cybercrime as-a-service , Cyberwarfare / Nation-State Attacks Cybereason’s Sam Curry on DarkSide and New Breed of Ransomware Attack Tom Field (SecurityEditor) • May 12, 2021     Sam Curry, CSO, Cybereason In April, Cybereason published a blog describing its research into the DarkSide ransomware strain that infected…

After Microsoft warned its customers against a Chinese nation-state cyberattack that is targeting the tech giant’s “Exchange Server” software, ransomware gangs have started to target vulnerable instances. Microsoft has confirmed that a new strain of ransomware is targeting vulnerable on-premise Microsoft Exchange Servers through ProxyLogon vulnerabilities as cybercriminal groups focus on those who haven’t (or…

Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime , Fraud Risk Management Agency Says Blocking Outgoing Connections From Orion Would Have Stopped Malware Jeremy Kirk (jeremy_kirk) • June 22, 2021     Federal agencies could have prevented follow-on attacks after the SolarWinds supply chain attack by using recommended firewall configurations, but this step isn’t…

Biden Nominates More Ex-NSA Officials to Top Cybersecurity Roles – IT Security News Sponsors Endpoint Cybersecurity www.endpoint-cybersecurity.com – Consulting in building your security products – Employee awareness training – Security tests for applications and pentesting … and more. Daily Summary Categories CategoriesSelect Category(ISC)2 Blog  (323)(ISC)2 Blog infosec  (13)(ISC)² Blog  (339)2020-12-08 – Files…

Upon clicking the ad, the user is taken to a fake Clubhouse app website that looks quite authentic but its download link drops malware. Last year, in two separate incidents hackers abused Facebook ads to phish 615,000 account credentials. Then, the infamous Ragnar Locker ransomware gang was found using Facebook ads to extort victims. Now…