Resources
Blog
ManageEngine Zero-Day Flaw Actively Being Exploited
FBI Warns: APT Groups Exploiting Critical Vulnerability in ManageEngine Software Earlier this month, the FBI and Cybersecurity and Infrastructure Security Agency (CISA) released a joint advisory highlighting a newly discovered vulnerability being actively exploited in ManageEngine ServiceDesk Plus, owned by Zoho Corp, an IT help desk and asset management software.
FBI & CISA Warning: ManageEngine Flaw Poses Serious Risk
APT Actors Exploit Vulnerability in ManageEngine ADSelfService Plus Reports confirm a critical security vulnerability in ManageEngine ADSelfService Plus, a self-service password management and single sign-on (SSO) tool for Active Directory environments, is actively being exploited. This newly discovered vulnerability, CVE-2021-40539, presents a critical authentication bypass risk that affects REST API
Credentials for Nearly 500,000 Fortinet VPN Users Leaked
Hackers Leak Passwords for Fortinet VPN Servers A list with nearly half a million Fortinet VPN user credentials, allegedly scraped from unprotected devices, is now being shared on hacker forums across the dark web. On Tuesday, a threat actor known as “Orange”, thought to be a member of the popular
New Microsoft Vulnerability, MSHTML RCE, Under Active Attack
Microsoft Alerts of New Zero-Day Flaw in Windows Microsoft released a security alert yesterday announcing a newly discovered flaw for a remote code execution (RCE) in MSHTML that is currently being exploited. MSHTML, also known as Trident, is a component used as a browser rendering engine for Microsoft Office documents.
New Pricing for Microsoft 365
New Commercial List Pricing for Office 365 Microsoft announced changes to their commercial pricing for Microsoft 365—the first substantive pricing update since the launch of Office 365 a decade ago. Microsoft says that this updated pricing reflects the increased value they have delivered to their customers over the past 10
New Find: Windows 365 Exposes Microsoft Azure Credentials In Plaintext
Windows 365 credentials can be dumped in plaintext On August 2nd, 2021, Microsoft launched their Windows 365 cloud-based desktop service, allowing users to rent Cloud PCs and access them via remote desktop clients or a browser. One of the lucky few who could get a free trial was Benjamin Delpy,
Thank Your SysAdmins – It’s System Administrator Appreciation Day!
Happy System Administrator Appreciation Day! System Administrator Appreciation Day, also known as SysAdmin Day, is an event created by System Administrator, Ted Kekatos. It all started when Kekatos saw a magazine advertisement in which a System Administrator was presented with flowers and fruit-baskets by grateful co-workers as thanks for installing
3rd Windows Print Spooler Critical Vulnerability Detected
Windows PrintNightmare Vulnerabilities & Exploits Continue At the end of June and earlier this month, Microsoft released a security update regarding a Windows Print Spooler critical vulnerability, now being called PrintNightmare. Their original guidance, CVE-2021-1675, was quickly met with backlash as patches released by Microsoft were reported to not fix
Microsoft Discovers New SolarWinds Flaw Under Attack
Microsoft Uncovers Remote Code Execution (RCE) Vulnerability & Zero-Day Exploit of SolarWinds Serv-U Product Microsoft recently alerted software company, SolarWinds, of a new vulnerability uncovered, providing proof of concept to the company last week. It was found in SolarWinds Serv-U product, in two IT management utilities used to manage remote
Thousands, Possibly Millions, of Businesses Affected by Latest Ransomware Attack
Kaseya Platform Targeted in Large-Scale Global Ransomware Attack Over the holiday weekend, notorious cybercrime group, REvil, successfully launched a ransomware attack targeting Managed Service Providers (MSPs). This unprecedented hack triggered an infection chain compromising a massive, global supply chain, with reports showing at least 1,000 businesses over 17 countries being
Defending Active Directory Against AdminSDHolder Attacks
Active Directory Permissions Attack: Hackers Gain Persistence with AdminSDHolder Active Directory (AD) tends to be a common target for hackers, as it controls the security and infrastructure for most IT systems. Attackers aim to get privileged access to a Windows Server Active Directory and remain undetected for as long as
New Microsoft Report Suggests Basic Authentication as Source of Business Email Compromise (BEC) Attacks
Microsoft Examines Basic Authentication’s Role in BEC Attacks In late 2019, Microsoft announced their intent to remove basic authentication from Exchange Online protocols. Though for many organizations using Microsoft 365, a combination of basic authentication and connection protocols, like POP3 and IMAP4, is still standard practice for accessing Exchange Online
New Fluid Office Documents from Microsoft Coming This Summer to Teams, OneNote, and More
Fluid Components Starting to Arrive in Microsoft Platforms Soon The biggest change to Microsoft’s Office documents in decades is coming to life soon, as the company’s Fluid framework arrives in Microsoft Teams, OneNote, Outlook, and Whiteboard. The future-facing concept of Fluid’s framework, introduced last year, allows for immediate sync of
True Hybrid Active Directory Management Solutions: The New Standard | Part 1
True Hybrid Active Directory Management Solutions: The New Standard | A Three-Part Blog Series Over the years, Microsoft Active Directory (AD) has become the core of almost all organizations’ network infrastructures, acting as the central system for identity and access management. The current IT landscape is constantly evolving and has
Microsoft Remote Desktop Protocol (RDP) Vulnerability Discovered
Microsoft Remote Desktop Protocol (RDP) is one of the most popular solutions used to access critical infrastructure servers for many organizations, including those who run virtual servers on Microsoft Azure. A group of hackers, called the Secret Club, inadvertently found a major flaw in Microsoft Remote Desktop Protocol (RDP) technology.