Exchange Servers Under Active Attack via ProxyShell Bugs

The European Banking Authority (EBA), a key EU financial regulator, said hackers have compromised its Microsoft Exchange servers as part of a global cyberattack, which is affecting thousands organizations worldwide. Following the cyberattack, the agency took offline its email systems as a security measure. “The Agency has swiftly launched a full investigation, in close cooperation…

Malicious actors are actively mass scanning the internet for vulnerable VMware vCenter servers that are unpatched against a critical remote code execution flaw, which the company addressed late last month.The ongoing activity was detected by Bad Packets on June 3 and corroborated yesterday by security researcher Kevin Beaumont. “Mass scanning activity detected from 104.40.252.159 checking for

WASHINGTON — The Biden administration and Western allies, including all NATO members, formally blamed China on Monday for a major hack of Microsoft Exchange email server software and asserted that criminal hackers associated with the Chinese government have carried out ransomware and other illicit cyberoperations. China’s “pattern of irresponsible behavior in cyberspace is inconsistent with…

A newly uncovered cyberattack is taking control of victims’ Gmail accounts, by using a customized, malicious Mozilla Firefox browser extension called FriarFox. Researchers say the threat campaign, observed in January and February, targeted Tibetan organizations and was tied to TA413, a known….

The White House Is Deciding Whether to Support a Bureau of Cyber Statistics

It was possible to exploit an Unauthenticated Time-Based Blind SQL Injection vulnerability in the Spam protection, AntiSpam, FireWall by CleanTalk WordPress Plugin before 5.153.4. The update_log function in lib/Cleantalk/ApbctWP/Firewall/SFW.php included a vulnerable query that could be injected via….