Security News

Linux Kernel Vulnerabilities Can Be Exploited to Bypass Spectre Mitigations
2021-03-30 12:17

Recent Linux kernel updates include patches for a couple of vulnerabilities that could allow an attacker to bypass mitigations designed to protect devices against Spectre attacks. Symantec reported on Monday that Piotr Krysiuk, a member of its Threat Hunter team, has identified two new vulnerabilities in the Linux kernel that can be exploited to bypass mitigations for the Spectre vulnerabilities.

New Bugs Could Let Hackers Bypass Spectre Attack Mitigations On Linux Systems
2021-03-29 04:49

Cybersecurity researchers on Monday disclosed two new vulnerabilities in Linux-based operating systems that, if successfully exploited, could let attackers circumvent mitigations for speculative attacks such as Spectre and obtain sensitive information from kernel memory. While CVE-2020-27170 can be abused to reveal content from any location within the kernel memory, CVE-2020-27171 can be used to retrieve data from a 4GB range of kernel memory.

Microsoft Defender adds automatic Exchange ProxyLogon mitigation
2021-03-19 11:40

Microsoft Defender Antivirus will now protect unpatched on-premises Exchange servers from ongoing attacks by automatically mitigating the actively exploited CVE-2021-26855 vulnerability. The Microsoft Defender automatic protection from active attacks targeting unpatched Exchange servers works by breaking the attack chain.

Microsoft releases one-click Exchange On-Premises Mitigation Tool
2021-03-16 11:10

Microsoft has released Exchange On-Premises Mitigation Tool, which quickly performs the initial steps for mitigating the ProxyLogon flaw on any Exchange server and attempts to remediate found compromises. "This tool is not a replacement for the Exchange security update but is the fastest and easiest way to mitigate the highest risks to internet-connected, on-premises Exchange Servers prior to patching," Microsoft explained.

Use This One-Click Mitigation Tool from Microsoft to Prevent Exchange Attacks
2021-03-16 03:01

Microsoft on Monday released a one-click mitigation software that applies all the necessary countermeasures to secure vulnerable environments against the ongoing widespread ProxyLogon Exchange Server cyberattacks. Called Exchange On-premises Mitigation Tool, the PowerShell-based script serves to mitigate against current known attacks using CVE-2021-26855, scan the Exchange Server using the Microsoft Safety Scanner for any deployed web shells, and attempt to remediate the detected compromises.

Microsoft Ships One-Click Mitigation Tool for Exchange Attacks
2021-03-16 00:22

Microsoft's scramble to address the fallout from the zero-day attacks against on-prem Exchange Server installations continued this week with the release of a one-click mitigation tool to help businesses contain the damage. The new Exchange On-premises Mitigation Tool is aimed at companies without dedicated security or IT teams to manage patching and post-incident forensics.

Microsoft releases one-click Exchange On-Premises Mitigation Tool
2021-03-16 00:13

Microsoft has released a one-click Exchange On-premises Mitigation Tool to allow small business owners to easily mitigate the recently disclosed ProxyLogon vulnerabilities. This month, Microsoft disclosed that four zero-day vulnerabilities were being actively used in attacks against Microsoft Exchange.

Microsoft shares detection, mitigation advice for Azure LoLBins
2021-03-09 18:05

Attackers can abuse a wide range of legitimate Windows tools, including but not limited to Microsoft Defender, Windows Update, and even the Windows Finger command. While being legitimately used by thousands of admins each day for managing their organizations' Azure fleets, their capabilities can also be used for malicious purposes, including circumventing network defense lines.

Microsoft Shares Additional Mitigations for Exchange Server Vulnerabilities Under Attack
2021-03-06 15:30

Microsoft on Friday released alternative mitigation measures for organizations who have not been able to immediately apply emergency out-of-band patches released earlier this week that address vulnerabilities being exploited to siphon e-mail data from corporate Microsoft Exchange servers. "These mitigations are not a remediation if your Exchange servers have already been compromised, nor are they full protection against attack," Microsoft warned in a blog post.

The economics behind global disinformation engines and strategies for mitigation
2021-03-04 04:00

Broad propaganda penetration is achieved by following a specific set of steps, according to a new IDC Government Insights report. The most successful generators of false news use large networks of pop-up news sites and bot networks to help echo sentiments and increase pass-along rates.