Exchange Servers Under Active Attack via ProxyShell Bugs

News Microsoft Releases Out-of-Band Security Patches for Exchange Server Microsoft on Tuesday released out-of-band security patches for Exchange Server to address multiple zero-day flaws that are currently being exploited in active attacks. Organizations running Exchange Server 2013, Exchange Server 2016 and Exchange Server 2019 products should apply these patches right away. Microsoft also released security…

In a press release, the US Department of Justice declared it had charged a Latvian woman for her part in reportedly creating and deploying the Trickbot malware, which infected millions of devices, targeting schools, healthcare institutions, public utilities, and governments. The agency claims that Alla Witte was part of a criminal organization known as the…

WordPress core contributor proposes treating Google FLoC as a security vulnerability | IT Security News 19. April 2021 Let’s opt every WordPress site out of FLoC. Nice idea, but security update? Really? A proposal by a WordPress core contributor to treat Google’s FLoC ad tech as a security vulnerability, and therefore backport an automatic opt-out…

Donald Trump’s efforts failed to persuade North Korea to give up its nuclear weapons North Korea has not responded to behind-the-scenes diplomatic outreach since mid-February by President Joe Biden’s administration, including to Pyongyang’s mission to the United Nations, a senior Biden administration official told Reuters on March 13. The disclosure of the so-far unsuccessful U.S….

Agency Warns Attackers Could Use IT Exploits to Pivot to OT Systems Akshaya Asokan (asokan_akshaya) • May 1, 2021     The U.S. National Security Agency is offering operational technology security guidance for the Defense Department as well as third-party military contractors and firms in the wake of the attack that targeted SolarWinds in 2020….

Governance & Risk Management , Patch Management Experts Say Advisory Highlights Vulnerability Management Challenges Dan Gunderman (dangun127) • July 30, 2021     Source: CISA A joint cybersecurity advisory issued by several agencies this week highlighting the ongoing exploits of longstanding software vulnerabilities illustrates the woeful state of patch management, security experts say. See Also:…