Exchange Servers Under Active Attack via ProxyShell Bugs

Kaspersky Comment: Critical Microsoft vulnerability is failed to be patched – leaves devices at significant risk Security researchers have found that, despite recent efforts by Microsoft, a critical windows vulnerability has failed to be patched, allowing hackers to take full control of computers and servers. In early June, Microsoft patched a Windows vulnerability that it…

Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime , Governance & Risk Management Biden Administration Plan Is Part of a Broader Critical Infrastructure Protection Effort Scott Ferguson (Ferguson_Writes) • April 20, 2021     The Biden administration is rolling out a 100-day plan to improve cybersecurity and address cyberthreats across the nation’s electrical grid….

Several days ago, we reported a large-scale data leak that affected 533 million Facebook accounts. The vulnerability that caused the data leak is now fixed. However, the social media platform is facing an investigation by EU regulators. The data breach was possible due to a vulnerability addressed by Facebook in 2019. Despite being two-years old,…

Cybercrime , Cybercrime as-a-service , Fraud Management & Cybercrime Affiliate-Driven Approach and Regular Malware Refinements Are Key, Experts Say Mathew J. Schwartz (euroinfosec) • July 2, 2021     Sodinokibi/REvil ransom note (Source: Malwarebytes) Just as cloud services have taken the business world by storm, the same can be said for ransomware, including one of…

Governance & Risk Management , NIST Standards , Standards, Regulations & Compliance Firms Will Demonstrate Their Architectures to Help Agency Develop Guidance Dan Gunderman (dangun127) • July 26, 2021     The National Institute of Standards and Technology has selected 18 technology companies to demonstrate “zero trust” security architectures as it prepares to draft guidance…

Cybercrime , Cybercrime as-a-service , Fraud Management & Cybercrime Company Shut Down Part of Its Network That Was Compromised Akshaya Asokan (asokan_akshaya) • June 3, 2021     Japanese conglomerate Fujifilm has shut down part of its network after it was compromised in a suspected ransomware attack, the company said in an update on Wednesday….