Security News > 2021
A vulnerability affecting Eclipse Jetty web servers can be exploited by an attacker to inflate a targeted organization's cloud services bill or cause disruption, according to security researchers at tech company Synopsys. Jetty is an open source Java web server and servlet container that has been used in a wide range of projects and products, including by major companies such as Facebook, Google and Yahoo.
Microsoft has spotted multiple zero-day exploits in the wild being used to attack on-premises versions of Microsoft Exchange Server. An exploit allows remote attackers with administrator permissions to run code as SYSTEM on the Exchange server.
Multiple state-sponsored hacking groups are actively exploiting critical Exchange bugs Microsoft patched Tuesday via emergency out-of-band security updates. Advanced persistent threat groups are currently using "at least" the CVE-2021-26855 Microsoft Exchange Server vulnerability as part of ongoing attacks to achieve remote code execution without authentication on unpatched on-premises Exchange servers.
VMware this week announced the availability of a security patch for VMware View Planner, to address a vulnerability leading to remote code execution. With the release of View Planner 4.6 Security Patch 1 on March 2, VMware fixes CVE-2021-21978, an issue that could allow an attacker to execute code remotely.
Google on Wednesday pledged to steer clear of tracking individual online activity when it begins implementing a new system for targeting ads without the use of so-called "cookies." The internet giant's widely used Chrome browser this month will begin testing an alternative to the tracking practice that it believes could improve online privacy while still enabling advertisers to serve up relevant messages.
Security researcher Alexander Popov has discovered and fixed five similar issues in the virtual socket implementation of the Linux kernel. The vulnerabilities could be exploited for local privilege escalation, as confirmed in experiments on Fedora 33 Server.
Microsoft is ramping up the forced rollout of Windows 10, version 20H2 to more devices approaching end of service, as part of a new rollout phase. Windows 10 20H2 is also rolling out to users manually checking for updates on devices running Windows 10 1903 or later starting October 2020.
Google this week announced the availability of Chrome 89 in the stable channel, with patches for a total of 47 vulnerabilities, including one that has been exploited in the wild. Tracked as CVE-2021-21166, the zero-day security hole is described as a high-severity "Object lifecycle issue in audio." The bug was reported by Alison Huffman of Microsoft Browser Vulnerability Research, and is the second of this type addressed in Chrome 89, alongside CVE-2021-21165, also rated high risk.
Our team has been tirelessly working several intrusions since January involving multiple 0-day exploits in Microsoft Exchange. If you use on-prem Microsoft Exchange Servers, you might want to assume you've been hit and start checking and then updating.
A researcher revealed on Monday that some exploits for the notorious CPU vulnerability known as Spectre were uploaded recently to the VirusTotal malware analysis service. In a blog post titled Spectre exploits in the "wild", researcher Julien Voisin shared a brief analysis of a Spectre exploit for Linux that had been uploaded to VirusTotal in early February.