This edition of the ISMG Security Report features an analysis of the Microsoft Exchange on-premises server hacks – from who might have leaked the vulnerability exploits to how ransomware gangs are taking advantage of the flaws. Also featured: Tackling the cybercrime business model; assessing "zero trust."
Citing national security concerns, the Federal Communications Commission is moving forward with legal proceedings to ban three Chinese-owned companies from providing telecommunications services in the U.S.
Don’t call it a product, and don’t try to create a standard around it - "zero trust" is a strategy, says John Kindervag, the former Forrester analyst who created it. As he steps into his new role at ON2IT Cybersecurity, his goal is to help make zero trust easy to implement.
A hacking group used a fake Huawei careers website to lure telecommunications workers and infect the job seekers' devices with malware that could steal information, says McAfee's Advanced Threat Research Strategic Intelligence team.
Email security vendor Mimecast, which was targeted by the SolarWinds supply chain hack in January, reports in a Tuesday update that the hackers used the "Sunburst" backdoor as an initial attack vector to steal some source code. But Mimecast says it "found no evidence of any modifications" to that code.
The Florida teen whom prosecutors call the mastermind behind last year's hack of 130 high-profile Twitter accounts to wage a cryptocurrency scam pleaded guilty Tuesday and was sentenced to serve three years in a juvenile facility.
A malvertising campaign that purports to offer Telegram's desktop app for Windows is persisting. A security researcher based in Switzerland, who nearly fell for the ruse, takes a deep dive into the campaign.
The Pysa ransomware strain is increasingly targeting educational institutions in the U.S. and U.K., the FBI warns in a new flash alert. The hackers may threaten to leak exfiltrated data if a ransom is not paid.
U.S. intelligence agency reports conclude that Russia and Iran tried to interfere in the 2020 presidential election via disinformation campaigns, but found "no indication that any foreign actor attempted to alter any technical aspect of the voting process," including voting results.
From Thursday through Monday, Check Point Research tracked a tenfold increase in the number of global attempts to exploit vulnerable on-premises Microsoft Exchange servers as organizations race to install patches.
Fresh ransomware targeting an unpatched Microsoft Exchange email server flaw appears to have been rushed to market by criminals trying to capitalize on new opportunities before the competition stepped in, resulting in relatively shoddy attack code, security firm Sophos reports.
Microsoft has released an interim mitigation tool designed to help smaller organizations take quick action to prevent attacks that exploit the unpatched ProxyLogon flaw in on-premises Microsoft Exchange servers.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.in, you agree to our use of cookies.