Technical documentation and proof-of-concept exploit (PoC) code is available for a high-severity vulnerability in Microsoft Exchange Server that could let remote attackers execute code on unpatched machines. The flaw is for one of the four that the National Security Agency (NSA) reported to Microsoft and received a fix in April. Despite being the least severe…
In the past week the Australian government’s language on China has hardened. Defence Minister Peter Dutton has said a war over Taiwan could not be discounted, that Australia was “already under attack” in the cyber domain and that he wants to have a “more frank discussion with the public” about China’s intentions. Mr Dutton said…
Governance & Risk Management , IT Risk Management , Patch Management Permanent Fix Replaces Earlier Workaround Scott Ferguson (Ferguson_Writes) • May 3, 2021 Ivanti, parent company of Pulse Secure, published a permanent fix Monday for a zero-day vulnerability in Pulse Connect Secure VPN products that has been exploited to target U.S. government agencies,…
Critical Patch Out for Month-Old Pulse Secure VPN 0-Day Under Attack | IT Security News 4. May 2021 Ivanti, the company behind Pulse Secure VPN appliances, has released a security patch to remediate a critical security vulnerability that was found being actively exploited in the wild by at least two different threat actors.Tracked as CVE-2021-22893 (CVSS score…
Defense DOD expands bug bounty program to public networks, systems By Lauren C. Williams May 04, 2021 White hat hackers will get even more opportunities to poke around the Defense Department for vulnerabilities now that it has expanded its bug bounty program to include all of its publicly available information systems. The…
Fraud Management & Cybercrime , Fraud Risk Management , Governance & Risk Management Proofpoint: New Code Makes ‘RustyBuer’ Version Harder to Detect Doug Olenick (DougOlenick) • May 3, 2021 A malicious attachment containing RustyBuer malware (Source: Proofpoint) Attackers are using a freshly updated variant of the Buer first-stage malware loader rewritten in the…
Iranian state-sponsored attackers have been linked to a variety of cyberespionage activities aimed at organizations all over the world. Flashpoint security experts recently discovered another ransomware strain from Iran, that has been operating since July 2020. According to Flashpoint, Iran’s Islamic Revolutionary Guard Corps (IRGC) was running a ransomware campaign through Emen Net Pasargard, an Iranian…
The health care system says it has suspended access to patient portals and other applications related to operations at Scripps facilities. Scripps Health is in the aftermath of a cyberattack that has disrupted patient portals and forced employees to use offline chart systems. Some patients’ appointments have been rescheduled. The health care system confirmed on…
Security researchers document 21 major security vulnerabilities in Exim and warn that users are exposed to remote code execution flaws Security researchers at Qualys have discovered multiple gaping security holes in Exim, a widely deployed mail server that has been targeted in the past by advanced nation state-based threat actors. An advisory from Qualys documents…
All defenses against Spectre side-channel attacks can now be considered broken, leaving billions of computers and other devices just as vulnerable today as they were when the hardware flaw was three years ago. A paper published on Friday by a team of computer scientists from the University of….
