FBI & CISA Warning: ManageEngine Flaw Poses Serious Risk

Security Flaw Found in ManageEngine

APT Actors Exploit Vulnerability in ManageEngine ADSelfService Plus

Reports confirm a critical security vulnerability in ManageEngine ADSelfService Plus, a self-service password management and single sign-on (SSO) tool for Active Directory environments, is actively being exploited. This newly discovered vulnerability, CVE-2021-40539, presents a critical authentication bypass risk that affects REST API URLs and can lead to […]

Credentials for Nearly 500,000 Fortinet VPN Users Leaked

Fortinet VPN Password Leak

Hackers Leak Passwords for Fortinet VPN Servers

A list with nearly half a million Fortinet VPN user credentials, allegedly scraped from unprotected devices, is now being shared on hacker forums across the dark web. On Tuesday, a threat actor known as “Orange”, thought to be a member of the popular ransomware gang “Groove”, posted a […]

New Microsoft Vulnerability, MSHTML RCE, Under Active Attack

Microsoft Zero-Day Exploit Vulnerability RCE MSHTML

Microsoft Alerts of New Zero-Day Flaw in Windows

Microsoft released a security alert yesterday announcing a newly discovered remote code execution (RCE) flaw in MSHTML that is currently being exploited. MSHTML, also known as Trident, is a component used as a browser rendering engine for Microsoft Office documents. Attackers are using this zero-day […]

New Find: Windows 365 Exposes Microsoft Azure Credentials In Plaintext

Windows 365 credentials can be dumped in plaintext

On August 2nd, 2021, Microsoft launched their Windows 365 cloud-based desktop service, allowing users to rent Cloud PCs and access them via remote desktop clients or a browser. One of the lucky few who could get a free trial was Benjamin Delpy, creator of Mimikatz which is […]

3rd Windows Print Spooler Critical Vulnerability Detected

Windows PrintNightmare Vulnerability

Windows PrintNightmare Vulnerabilities & Exploits Continue

At the end of June and earlier this month, Microsoft released a security update regarding a Windows Print Spooler critical vulnerability, now being called PrintNightmare. Their original guidance, CVE-2021-1675, was quickly met with backlash as patches released by Microsoft were reported to not fix the issue completely. According to […]

Microsoft Discovers New SolarWinds Flaw Under Attack

Microsoft discovers new SolarWinds Vulnerability

Microsoft Uncovers Remote Code Execution (RCE) Vulnerability & Zero-Day Exploit of SolarWinds Serv-U Product

Microsoft recently alerted the software company SolarWinds to a newly uncovered vulnerability, providing proof of concept to the company last week. It was found in the SolarWinds Serv-U product, in two IT management utilities used to manage remote file servers, Serv-U Managed File […]

Thousands, Possibly Millions, of Businesses Affected by Latest Ransomware Attack

Latest Ransomware attack targets Kaseya

Kaseya Platform Targeted in Large-Scale Global Ransomware Attack

Over the holiday weekend, the notorious cybercrime group REvil successfully launched a ransomware attack targeting Managed Service Providers (MSPs). This unprecedented hack triggered an infection chain compromising a massive, global supply chain, with reports showing at least 1,000 businesses across 17 countries being affected. The attack reportedly started […]

New Microsoft Report Suggests Basic Authentication as Source of Business Email Compromise (BEC) Attacks

Basic Authentication pointed to by Microsoft as cause of BEC attacks

Microsoft Examines Basic Authentication’s Role in BEC Attacks

In late 2019, Microsoft announced their intent to remove basic authentication from Exchange Online protocols. For many organizations using Microsoft 365, though, a combination of basic authentication and connection protocols, like POP3 and IMAP4, is still standard practice for accessing Exchange Online mailboxes. A recent report released […]

Microsoft Remote Desktop Protocol (RDP) Vulnerability Discovered

Microsoft Remote Desktop Protocol (RDP) is one of the most popular solutions used to access critical infrastructure servers for many organizations, including those who run virtual servers on Microsoft Azure. A group of hackers, called the Secret Club, inadvertently found a major flaw in Microsoft Remote Desktop Protocol (RDP) technology. A researcher found a cleartext […]