NSA Discloses Vulnerabilities in Microsoft Exchange
April 16 2021Amongst the 100+ vulnerabilities patch in this month’s Patch Tuesday, there are four in Microsoft Exchange that were disclosed by the NSA.
Read moreTwo lucky winners scooped $200k for just 20 minutes' work - if you don't count the days, weeks and months of meticulous effort beforehand
Read moreNew episode - listen now!
Read moreAccellion Supply Chain Hack
March 23 2021
A vulnerability in the Accellion file-transfer program is being used by criminal groups to hack networks worldwide.
There’s much in the article about when Accellion knew about the...
Read moreEasy SMS Hijacking
March 19 2021
Vice is reporting on a cell phone vulnerability caused by commercial SMS services. One of the things these services permit is text message forwarding. It turns out that...
Read moreExploiting Spectre Over the Internet
March 18 2021
Google has demonstrated exploiting the Spectre CPU attack remotely over the web:
Today, we’re sharing proof-of-concept (PoC) code that confirms the practicality of Spectre exploits against JavaScript engines....
Read more
On Not Fixing Old Vulnerabilities
March 9 2021
How is this even possible?
…26% of companies Positive Technologies tested were vulnerable to WannaCry, which was a threat years ago, and some even vulnerable to Heartbleed....
Read more
Beginning in January 2021, Mandiant Managed Defense observed multiple instances of abuse of Microsoft Exchange Server within at least one client environment. The observed activity included creation...
Read moreBeginning in January 2021, Mandiant Managed Defense observed multiple instances of abuse of Microsoft Exchange Server within at least one client environment. The observed activity included creation...
Read moreFour Microsoft Exchange Zero-Days Exploited by China
March 4 2021Microsoft has issued an emergency Microsoft Exchange patch to fix four zero-day vulnerabilities currently being exploited by China. EDITED TO ADD (3/12): Exchange Online is not affected.
Read more
Recent Comments