Security News

The U.S. National Security Agency last week released a cybersecurity advisory focusing on the security of operational technology systems, particularly in terms of connectivity to IT systems. The advisory shares recommendations for evaluating risks and improving the securing of connections between IT systems - these can often serve as an entry point into industrial networks - and OT systems.

According to the U.S. National Security Agency, which issued an alert Thursday, the advanced persistent threat group known as APT29 is conducting "Widespread scanning and exploitation against vulnerable systems in an effort to obtain authentication credentials to allow further access." The five bugs under active attack are known, fixed security holes in platforms from Citrix, Fortinet, Pulse Secure, Synacor and VMware that organizations should patch immediately, researchers warned.

Amongst the 100+ vulnerabilities patch in this month’s Patch Tuesday, there are four in Microsoft Exchange that were disclosed by the NSA.

The U.S. government on Thursday warned that Russian APT operators are exploiting five known - and already patched - vulnerabilities in corporate VPN infrastructure products, insisting it is "Critically important" to mitigate these issues immediately. According to the NSA, the five vulnerabilities should be prioritized for patching alongside the newest batch of Exchange Server updates released by Microsoft earlier this week.

A joint advisory from the U.S. National Security Agency, the Cybersecurity and Infrastructure Security Agency, and the Federal Bureau of Investigation warn that the Russian Foreign Intelligence Service is exploiting five vulnerabilities in attacks against U.S. organizations and interests. In an advisory issued today, the NSA said that it is aware of the Russian SVR using these vulnerabilities against public-facing services to obtain authentication credentials to further compromise the networks of US corporate and government networks.

In its April slate of patches, Microsoft rolled out fixes for a total of 114 security flaws, including an actively exploited zero-day and four remote code execution bugs in Exchange Server. Cybersecurity firm Kaspersky, which discovered and reported the flaw to Microsoft in February, linked the zero-day exploit to a threat actor named Bitter APT, which was found exploiting a similar flaw in attacks late last year.

April showers bring hours of patches as Microsoft delivers its Patch Tuesday fun-fest consisting of over a hundred CVEs, including four Exchange Server vulnerabilities reported to the company by the US National Security Agency. "This month's release includes a number of critical vulnerabilities that we recommend you prioritize, including updates to protect against new vulnerabilities in on-premise Exchange Servers," Microsoft said in its blog post.

Microsoft today has released security updates for Exchange Server that address a set of four vulnerabilities with severity scores ranging from high to critical. The flaws affect on-premise Exchange Server versions 2013 through 2019 and while there is no evidence of being exploited in the wild, Microsoft assesses that threat actors are likely to leverage them as soon as they create an exploit.

Just weeks after a wave of major in-the-wild zero-day attacks against Exchange Server installations globally, Microsoft is raising a fresh alarm for four new critical security flaws that expose businesses to remote code execution attacks. The four new Exchange Server vulnerabilities were fixed as part of this month's Patch Tuesday bundle and because of the severity of these issues, Microsoft has joined with the U.S. National Security Agency to urge the immediate deployment of the new fixes.

President Joe Biden has selected two former senior National Security Agency officials for key cyber jobs in his administration, the White House said Monday in moving to fill out a team whose role has grown more urgent after two major hacks that have consumed the government's attention. Chris Inglis, a former NSA deputy director, is being nominated as the government's first national cyber director.