Cybercriminals are scanning servers for the Microsoft Exchange ProxyShell RCE vulnerabilities after technical details presented at the Black Hat

Quick Hits: July 19, 2021 *** The Department of Commerce’s Bureau of Industry and Security on Friday restricted trade with four Russian IT and cybersecurity firms due to to concerns that those organizations work with Russia’s Foreign Intelligence Service, support malicious cyber activity or otherwise pose a threat to U.S. national security. Aktsionernoe Obschchestvo Pasit,…

Executive Summary This vulnerability is currently undergoing analysis and not all information is available. Please check back soon to view the completed vulnerability summary Informations Name CVE-2021-41073 First vendor Publication 2021-09-19 Vendor Cve Last vendor Modification 2021-09-19 Security-Database Scoring CVSS v3 Cvss vector : N/A Overall CVSS Score NA Base Score NA Environmental Score NA…

In yet another instance of a software supply chain attack, someone hacked the official Git server of the PHP programming language and pushed unauthorized updates to insert a secret backdoor into its source code.The two malicious commits were pushed to the self-hosted “php-src” repository hosted on the git.php.net server, illicitly using the names of Rasmus…

Microsoft has warned thousands of its cloud computing customers, including some of the world’s largest companies, that intruders could have the ability to read, change or even delete their main databases, according to a copy of the email and a cyber security researcher. From a report: The vulnerability is in Microsoft Azure’s flagship Cosmos database….

QNAP storage devices hijacked by UnityMiner cryptocurrency malware | IT Security News 9. March 2021 Early last week researchers at 360Netlab received reports that QNAP NAS devices were being targetted by a new form of attacks. QNAP is a Taiwanese manufacturer of hardware, including network-attached storage (NAS) devices. Internet of Things (IoT) and NAS devices…

Last month, top executives from Amazon, Microsoft, Cisco, FireEye and dozens of other firms joined the Justice Department in delivering an 81-page report calling for an international coalition to combat ransomware. Leading the effort inside the Justice Department are Lisa Monaco, the deputy attorney general, and John Carlin, who led the agency’s national security division…