On Aug. 13, 2020, someone uploaded a suspected malicious file to VirusTotal, a service that scans submitted files against more than five dozen antivirus and security products. Last month,...
Read moreNSA Discloses Vulnerabilities in Microsoft Exchange
April 16 2021Amongst the 100+ vulnerabilities patch in this month’s Patch Tuesday, there are four in Microsoft Exchange that were disclosed by the NSA.
Read more
In January, we learned about a Chinese espionage campaign that exploited four zero-days in Microsoft Exchange. One of the characteristics of the campaign, in the later days...
Read moreHacking for good! A judge said I could!
Read moreTwo lucky winners scooped $200k for just 20 minutes' work - if you don't count the days, weeks and months of meticulous effort beforehand
Read moreMore on the Chinese Zero-Day Microsoft Exchange Hack
March 10 2021
Nick Weaver has an excellent post on the Microsoft Exchange hack:
The investigative journalist Brian Krebs has produced a handy timeline of events and a few things stand...
Read more
Webshells explained, with some (safe) examples you can try at home if you want to learn more.
Read moreBeginning in January 2021, Mandiant Managed Defense observed multiple instances of abuse of Microsoft Exchange Server within at least one client environment. The observed activity included creation...
Read moreBeginning in January 2021, Mandiant Managed Defense observed multiple instances of abuse of Microsoft Exchange Server within at least one client environment. The observed activity included creation...
Read moreFour Microsoft Exchange Zero-Days Exploited by China
March 4 2021Microsoft has issued an emergency Microsoft Exchange patch to fix four zero-day vulnerabilities currently being exploited by China. EDITED TO ADD (3/12): Exchange Online is not affected.
Read more
Recent Comments