Microsoft fixes actively exploited zero-day reported by the NSA (CVE-2022-24521)

On this April 2022 Patch Tuesday, Microsoft has released patches for 128 CVE-numbered vulnerabilities, including one zero-day exploited in the wild (CVE-2022-24521) and another (CVE-2022-26904) for which there’s already a PoC and a Metasploit mod…

Sandworm hackers tried (and failed) to disrupt Ukraine’s power grid

The Computer Emergency Response Team of Ukraine (CERT-UA), with the help of ESET and Microsoft security experts, has thwarted a cyber attack by the Sandworm hackers, who tried to shut down electrical substations run by an energy provider in Ukraine. Ac…

Windows Autopatch: Managed enterprise patching for Windows and Office

While IT administrators are mentally preparing themselves for yet another Patch Tuesday, Microsoft has announced Windows Autopatch: a new service that aims to make the second Tuesday of every month “just another Tuesday.” About Windows Autopat…

More organizations are paying the ransom. Why?

Most organizations (71%) have been hit by ransomware in 2022, and most of those (63%) opted for paying the requested ransom, the 2022 Cyberthreat Defense Report (CDR) by the CyberEdge Group has shown. The research company says that possible explanation…

The Cyclops Blink botnet has been disrupted

The US Justice Department has announced that the FBI has disrupted the Cyclops Blink botnet, which they say was under the control of the Sandworm group – a threat actor that has been previously attributed to the Main Intelligence Directorate of t…

Microsoft asks bug hunters to probe on-premises Exchange, SharePoint servers

Bug hunters that discover and report high-impact security vulnerabilities in on-premises Exchange, SharePoint and Skype for Business may earn as much as $26,000 per eligible submission, Microsoft has announced. The highest awards will go to those who d…

CISA adds Spring4Shell to list of exploited vulnerabilities

It’s been almost a week since the Spring4Shell vulnerability (CVE-2022-22965) came to light and since the Spring development team fixed it in new versions of the Spring Framework. There have been reports of scanning, exploit attempts and attempts…

Log4Shell exploitation: Which applications may be targeted next?

Spring4Shell (CVE-2022-22965) has dominated the information security news these last six days, but Log4Shell (CVE-2021-44228) continues to demand attention and action from enterprise defenders as diverse vulnerable applications are being targeted in at…

Spring4Shell: No need to panic, but mitigations are advised

Security teams around the world got another shock on Thursday when news of disclosure of a PoC for an unauthenticated RCE zero-day vulnerability in Spring Core, a massively popular framework for building modern Java-based enterprise applications, began…

Mars Stealer malware pushed via Google Ads and phishing emails

Cybercriminals trying to foist the Mars Stealer malware onto users seemingly have a penchant for one particular tactic: disguising it as legitimate, benign software to trick users into downloading it. Two documented Mars Stealer delivery campaigns In a…