Exchange Servers Under Active Attack via ProxyShell Bugs

Governance & Risk Management , IT Risk Management , Patch Management Vulnerability Affects Siemens SIMATIC S7-1200 and S7-1500 CPU Akshaya Asokan (asokan_akshaya) • June 1, 2021     (Photo: Siemens) Siemens has released patches for certain automation products that have a critical memory protection vulnerability, which attackers could exploit to run arbitrary code to access…

The Russian foreign ministry said John Sullivan, the US ambassador to Russia, should return home for consultations too. Washington said its own sanctions were payback for Russia interfering in last year’s US election, cyber hacking, bullying Ukraine and other alleged malign actions. Russia denies all the US allegations. Retaliation Moscow’s response was mostly tit-for-tat. It…

JOHANNESBURG – A cyber attack has disrupted container operations at the South African port of Cape Town, an email seen by Reuters on Thursday said. Durban, the busiest shipping terminal in sub-Saharan Africa, was also affected, three sources with direct knowledge of the matter told Reuters. Cape Town Harbour Carriers Association said in an email…

NEW YORK: China’s cybersecurity watchdog suggested Didi Global Inc delay its initial public offering and urged it to review its network security, weeks before the Chinese ride-hailing giant went public, the Wall Street Journal reported on Monday, citing people familiar with the matter. It isn’t known whether Didi carried out its own review, according to…

ESET researchers discover a new Lazarus backdoor deployed against a freight logistics firm in South Africa ESET researchers have discovered a previously undocumented Lazarus backdoor, which they have dubbed Vyveva, being used to attack a freight logistics company in South Africa. The backdoor consists of multiple components and communicates with its C&C server via the…

Threat actors are exploiting Google Docs by hosting their attacks within the web-based document service in a new phishing campaign that delivers malicious links aimed at stealing victims’ credentials. Researchers at email and collaboration security firm Avanan discovered the campaign, which is the….