‘Wormable’ Flaw Leads January 2022 Patch Tuesday

Microsoft Releases Over 100 Updates in Patch Tuesday for January 2022

The January security updates from the Redmond-based software giant cover security defects in a wide range of default Windows OS components, including a critical flaw in the HTTP Protocol Stack (http.sys) that Microsoft describes as “wormable,” and another code execution Exchange Server bug reported […]

ManageEngine Zero-Day Flaw Actively Being Exploited

FBI Warns: APT Groups Exploiting Critical Vulnerability in ManageEngine Software

Earlier this month, the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) released a joint advisory highlighting a newly discovered vulnerability being actively exploited in ManageEngine ServiceDesk Plus, an IT help desk and asset management software owned by Zoho Corp. This critical remote code execution […]

FBI & CISA Warning: ManageEngine Flaw Poses Serious Risk

APT Actors Exploit Vulnerability in ManageEngine ADSelfService Plus

Reports confirm that a critical security vulnerability in ManageEngine ADSelfService Plus, a self-service password management and single sign-on (SSO) tool for Active Directory environments, is actively being exploited. This newly discovered vulnerability, CVE-2021-40539, presents a critical authentication bypass risk that affects REST API URLs and can lead to […]

Credentials for Nearly 500,000 Fortinet VPN Users Leaked

Hackers Leak Passwords for Fortinet VPN Servers

A list with nearly half a million Fortinet VPN user credentials, allegedly scraped from unprotected devices, is now being shared on hacker forums across the dark web. On Tuesday, a threat actor known as “Orange”, thought to be a member of the popular ransomware gang “Groove”, posted a […]

New Microsoft Vulnerability, MSHTML RCE, Under Active Attack

Microsoft Alerts of New Zero-Day Flaw in Windows

Microsoft released a security alert yesterday announcing a newly discovered remote code execution (RCE) flaw in MSHTML that is currently being exploited. MSHTML, also known as Trident, is a component used as a browser rendering engine for Microsoft Office documents. Attackers are using this zero-day […]

New Find: Windows 365 Exposes Microsoft Azure Credentials In Plaintext

Windows 365 credentials can be dumped in plaintext

On August 2nd, 2021, Microsoft launched its Windows 365 cloud-based desktop service, allowing users to rent Cloud PCs and access them via remote desktop clients or a browser. One of the lucky few who could get a free trial was Benjamin Delpy, creator of Mimikatz, which is […]

3rd Windows Print Spooler Critical Vulnerability Detected

Windows PrintNightmare Vulnerabilities & Exploits Continue

At the end of June and earlier this month, Microsoft released a security update regarding a critical Windows Print Spooler vulnerability, now being called PrintNightmare. Its original guidance, CVE-2021-1675, was quickly met with backlash as patches released by Microsoft were reported not to fix the issue completely. According to […]

Microsoft Discovers New SolarWinds Flaw Under Attack

Microsoft Uncovers Remote Code Execution (RCE) Vulnerability & Zero-Day Exploit of SolarWinds Serv-U Product

Microsoft recently alerted software company SolarWinds to a newly uncovered vulnerability, providing a proof of concept to the company last week. It was found in the SolarWinds Serv-U product, in two IT management utilities used to manage remote file servers, Serv-U Managed File […]

Thousands, Possibly Millions, of Businesses Affected by Latest Ransomware Attack

Kaseya Platform Targeted in Large-Scale Global Ransomware Attack

Over the holiday weekend, the notorious cybercrime group REvil successfully launched a ransomware attack targeting Managed Service Providers (MSPs). This unprecedented hack triggered an infection chain compromising a massive, global supply chain, with reports showing at least 1,000 businesses across 17 countries being affected. The attack reportedly started […]

New Microsoft Report Suggests Basic Authentication as Source of Business Email Compromise (BEC) Attacks

Microsoft Examines Basic Authentication’s Role in BEC Attacks

In late 2019, Microsoft announced its intent to remove basic authentication from Exchange Online protocols. For many organizations using Microsoft 365, though, a combination of basic authentication and connection protocols, like POP3 and IMAP4, is still standard practice for accessing Exchange Online mailboxes. A recent report released […]

New Survey Finds...

Active Directory forest recovery is not taken seriously enough. See what else your peers had to say.