Security News

The U.S. Cybersecurity and Infrastructure Security Agency is warning of active exploitation attempts that leverage the latest line of "ProxyShell" Microsoft Exchange vulnerabilities that were patched earlier this May, including deploying LockFile ransomware on compromised systems.Tracked as CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207, the vulnerabilities enable adversaries to bypass ACL controls, elevate privileges on the Exchange PowerShell backend, effectively permitting the attacker to perform unauthenticated, remote code execution.

A new ransomware gang known as LockFile encrypts Windows domains after hacking into Microsoft Exchange servers using the recently disclosed ProxyShell vulnerabilities. ProxyShell is the name of an attack consisting of three chained Microsoft Exchange vulnerabilities that result in unauthenticated, remote code execution.

A new ransomware gang known as LockFile encrypts Windows domains after hacking into Microsoft Exchange servers using the recently disclosed ProxyShell vulnerabilities. ProxyShell is the name of an attack consisting of three chained Microsoft Exchange vulnerabilities that result in unauthenticated, remote code execution.

Important Notice: We are sorry to announce that #LiquidGlobal warm wallets were compromised, we are moving assets into the cold wallet. In a cold wallet setup, the files that constitute your cryptocoin stash are inaccessible to malware or hackers who manage to wriggle into your computer, thanks to being kept offline, and unusable in the event of an intruder in your house finding the storage device on which you stashed them, thanks to being encrypted.

Japan-based cryptocurrency exchange Liquid has suspended deposits and withdrawals after attackers have compromised its warm wallets. Liquid is one of the largest cryptocurrency-fiat exchange platforms worldwide.

Japan-based cryptocurrency exchange Liquid has suspended deposits and withdrawals after attackers have compromised its warm wallets. Liquid is one of the largest cryptocurrency-fiat exchange platforms worldwide.

Nutanix and Cyxtera announced their partnership to launch the first Nutanix Federal Innovation Lab, powered by Cyxtera's digital exchange and Enterprise Bare Metal. The Federal Innovation Lab, located in a Cyxtera data center in Northern Virginia, provides U.S. Federal customers as well as industry partners with an environment to build proofs of concept and test mission-critical applications using on-demand infrastructure that readily supports hybrid multicloud solutions via a single operating platform.

Exchange Server downtime may occur at any point in time due to several reasons, such as malware attack, server crash, database corruption, and hardware or software-related issues/incompatibility. Exchange Server downtime is inevitable, especially when your organization relies on a standalone on-premises Exchange server.

In his Black Hat presentation last week, Devcore principal security researcher Orange Tsai said that a survey shows more than 400,000 Exchange servers on the internet that are exposed to the attack via port 443. Breakdown of Exchange servers on Shodan vulnerable to ProxyShell or ProxyLogon, it's just under 50% of internet facing Exchange servers.

Threat actors have started exploiting the recently disclosed Microsoft Exchange Server vulnerabilities to deliver web shells that give them access to the compromised system. Orange Tsai, principal researcher at security consulting firm DEVCORE, recently disclosed the details of three Exchange vulnerabilities that can be exploited by remote, unauthenticated attackers to take control of vulnerable servers.