What’s New in DivvyCloud by Rapid7: February 2021 Feature Releases
February was another busy month. Internally, as we work to improve our processes, we are still committed to maintaining our...
News
Apple fixes CVE-2021-1844 RCE that affects iOS, macOS, watchOS, and Safari
Apple released out-of-band patches to address a remote code execution, tracked as CVE-2021-1844, that affect iOS, macOS, watchOS, and Safari...
SUPERNOVA backdoor that emerged after SolarWinds hack is likely linked to Chinese actors
Supernova malware clues link Chinese threat group Spiral to SolarWinds server hacks Supernova malware spotted on compromised SolarWinds Orion installs...
UnityMiner targets unpatched QNAP NAS in cryptocurrency mining campaign
Experts warn of ongoing attacks targeting QNAP network-attached storage (NAS) devices to abuse them in cryptocurrency mining. Researchers at 360Netlab are...
SolarWinds spurs investment in threat hunting, supplier vetting
Organizations that boosted security budgets in response to the SolarWinds hack invested the most in threat hunting. (“SolarWinds letters” by sfoskett is licensed...
A week in security (March 1 – 7)
Last week on Malwarebytes Labs, our podcast featured Eva Galperin who talked to us about defending online anonymity and speech....
International Women’s Day: Women in tech name their heroes
Happy Monday! And if you haven’t yet checked the significance of this day—March 8—before grabbing coffee, today is International Women’s...
Supermicro and Pulse Secure Issue Advisories Regarding ‘TricBoot’ Assaults
Supermicro, a U.S.-based information technology firm and VPN provider Pulse Secure have released their advisories regarding the vulnerabilities of their...
Hacked SendGrid Accounts used In Phishing Attacks To Steal Logins
A new cyber campaign has come to known as a phishing attack. Outlook Web Access and Office 365 services...
Snort Vulnerability Leads Various Cisco Products Exposed to Vulnerabilities
Earlier this week, the company told its customers that several Cisco products have been exposed to DoS (Denial of Service)...
Researcher Laxman Muthiyah Awarded with $50,000 for Detecting a Flaw in Microsoft Account
A bug bounty hunter was awarded $50,000 by Microsoft for revealing a security vulnerability leading to account deprivation. The expert...
BEC Scammer Infects own Device, Exposes their Activity
In some media depictions, criminal and state-backed hackers are constantly portrayed as cunning and sophisticated, gliding inexorably toward their most...
How to Keep Up With Vulnerability Management Challenges in Ephemeral Cloud Environments
This blog is part of an ongoing series sharing key takeaways from Rapid7’s 2020 Cloud Security Executive Summit. Interested in...
Hackers compromised Microsoft Exchange servers at the EU Banking Regulator EBA
The European Banking Authority (EBA) disclosed a cyberattack that resulted in the hack of its Microsoft Exchange email system. The...
Microsoft updated MSERT to detect web shells used in attacks against Microsoft Exchange installs
Microsoft updated its Microsoft Safety Scanner (MSERT) tool to detect web shells employed in the recent Exchange Server attacks. Early...
The launch of Williams new FW43B car ruined by hackers
The presentation of Williams’s new Formula One car was ruined by hackers that forced the team to abandon the launch...
Chinese hackers allegedly hit thousands of organizations using Microsoft Exchange
Thousands of organizations may have been victims of cyberattacks on Microsoft Exchange servers conducted by China-linked threat actors since January....
Thousands of U.S. Organizations Attacked in a Chinese Cyber-Espionage Campaign
Microsoft Exchange servers have become the latest victim of Chinese-sponsored cyber-attack. Chinese hackers targeted the Microsoft Exchange Servers earlier this...
Brave Browser is About to Launch its Own Search Engine
Brave is a free and open-source web browser based on the Chromium web browser that had been established by...
Creator of McAfee Antivirus Software Charged For Conspiracy?
Creator of McAfee antivirus software, Businessman John McAfee is charged under a conspiracy to commit fraud and money laundering in...
Active Email Threat from Microsoft Hack, Warns White House
The administration of Biden is highly alarming about a series of recently found cyber intrusions that were associated with China...
Doosra is Helping to Create an Alternative Digital Identity
Facebook, WhatsApp, Twitter, and other online media platforms have been approached to verify the identity of their users — this...
Russia-linked APT groups exploited Lithuanian infrastructure to launch attacks
Russia-linked APT groups leveraged the Lithuanian nation’s technology infrastructure to launch cyber-attacks against targets worldwide. The annual national security threat...
Security Affairs newsletter Round 304
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
