Cybersecurity (General)

Microsoft Exchange Autodiscover Bugs Leak 100K Windows Credentials Bugs in the implementation of Microsoft Exchange’s Autodiscover feature have leaked approximately 100,000 login names and passwords for Windows domains worldwide. In a new report by Amit Serper, Guardicore’s AVP of Security Research, the researcher reveals how the incorrect implementation of the Autodiscover protocol, Read more…

RaidForums Data Marketplace Accidentally Exposes Private Staff Page Underground marketplace and hacker forum, RaidForums, recently exposed internal pages from its website, meant for staff members only. RaidForums is a data breach marketplace where threat actors often sell or leak illicitly obtained data dumps. Oops! RaidForums makes its staff area public RaidForums is Read more…

New MacOS Zero-day Bug Lets Attackers Run Commands Remotely Security researchers disclosed today a new vulnerability in Apple’s macOS Finder, which makes it possible for attackers to run arbitrary commands on Macs running any macOS version up to the latest release, Big Sur. Zero-days are publicly disclosed flaws that haven’t Read more…

VMware Warns Of Critical Bug In Default vCenter Server Installs VMware warns customers to immediately patch a critical arbitrary file upload vulnerability in the Analytics service, impacting all appliances running default vCenter Server 6.7 and 7.0 deployments. vCenter Server is a server management solution that helps IT admins manage virtualized hosts and Read more…

US Sanctions Cryptocurrency Exchange Used By Ransomware Gangs The US Treasury Department announced the first-ever sanctions against a cryptocurrency exchange, the Russian-linked Suex, for facilitating ransom transactions for ransomware gangs and helping them evade sanctions. Suex is registered in the Czech Republic but has no physical presence there. Instead, it operates Read more…

Russian State Hackers Use New TinyTurla Malware As Secondary Backdoor Russian state-sponsored hackers known as the Turla APT group have been using new malware over the past year that acted as a secondary persistence method on compromised systems in the U.S., Germany, and Afghanistan. Named TinyTurla due to its limited Read more…

Netgear Fixes Dangerous Code Execution Bug In Multiple Routers Netgear has fixed a high severity remote code execution (RCE) vulnerability found in the Circle parental control service, which runs with root permissions on almost a dozen modern Small Offices/Home Offices (SOHO) Netgear routers. While one would expect the attack vector Read more…

Marketron Marketing Services Hit By Blackmatter Ransomware BlackMatter ransomware gang over the weekend hit Marketron, a business software solutions provider that serves more than 6,000 customers in the media industry. Marketron provides cloud-based revenue and traffic management tools for broadcast and media organizations. It specializes in revenue management and audience engagement, handling Read more…

Hacked Sites Push TeamViewer Using Fake Expired Certificate Alert Threat actors are compromising Windows IIS servers to add expired certificate notification pages that prompt visitors to download a malicious fake installer. Internet Information Services (IIS) is Microsoft Windows web server software included with all Windows versions since Windows 2000, XP, Read more…

US Farmer Cooperative Hit By $5.9M BlackMatter Ransomware Attack U.S. farmers cooperative NEW Cooperative has suffered a BlackMatter ransomware attack demanding $5.9 million not to leak stolen data and provide a decryptor. NEW Cooperative is a farmer’s feed and grain cooperative with over sixty locations throughout Iowa. In a weekend Read more…