Security News

Exchange Servers targeted via zero-day exploits, have yours been hit?
2021-03-03 13:05

Our team has been tirelessly working several intrusions since January involving multiple 0-day exploits in Microsoft Exchange. If you use on-prem Microsoft Exchange Servers, you might want to assume you've been hit and start checking and then updating.

Microsoft Expands Secured-core to Servers, IoT Devices
2021-03-03 09:49

Microsoft this week announced Secured-core Server and Edge Secured-core, two solutions aimed at improving the security of servers and connected devices. Initially announced in 2019, Secured-core is the result of a partnership between Microsoft and hardware manufacturers, and its goal is to add a security layer that combines identity, virtualization, operating system, hardware and firmware protection capabilities.

Microsoft fixes four zero-day flaws in Exchange Server exploited by China's ‘Hafnium’ spies to steal victims' data
2021-03-03 00:10

Microsoft says Beijing-backed hackers are exploiting four zero-day vulnerabilities in Exchange Server to steal data from US-based defense contractors, law firms, and infectious disease researchers. The attackers gain access to an Exchange Server either using stolen passwords or by using zero-day vulnerabilities, and disguise themselves as a legitimate user.

Microsoft: Multiple Exchange Server Zero-Days Under Attack by Chinese Hacking Group
2021-03-02 23:09

Microsoft late Tuesday raised the alarm after discovering Chinese cyber-espionage operators chaining multiple zero-day exploits to siphon e-mail data from corporate Microsoft Exchange servers. In all, Microsoft said the attacker chained four zero-days into a malware cocktail targeting its Exchange Server product.

Microsoft: Chinese Cyberspies Used 4 Exchange Server Flaws to Plunder Emails
2021-03-02 21:19

Microsoft Corp. today released software updates to plug four security holes that attackers have been using to plunder email communications at companies that use its Exchange Server products. The patches released today fix security problems in Microsoft Exchange Server 2013, 2016 and 2019.

Linux: How to quickly check to see if your server is under a DoS attack from a single IP address
2021-03-02 15:00

Jack Wallen shows you an easy way to determine if your Linux server is under a DDoS attack and how to quickly stop it.

Microsoft announces Windows Server 2022 with new security features
2021-03-02 14:00

Microsoft says that Windows Server 2022 will come with security improvements and will bring Secured-core to the Windows Server platform. Windows Server 2022 is now in preview and "Provides secured connectivity enabled by industry-standard AES 256 encryption," as Microsoft announced today.

Week in review: Kali Linux 2021.1, CNAME-based tracking, VMware vCenter Servers under attack
2021-02-28 08:55

Attackers are looking to exploit critical VMware vCenter Server RCE flaw, patch ASAP! The day after VMware released fixes for a critical RCE flaw found in a default vCenter Server plugin, opportunistic attackers began searching for publicly accessible vulnerable systems.

Kali Linux 2021.1 released: Tweaked DEs and terminals, new tools, Kali ARM for Apple Silicon Macs. Offensive Security has released Kali Linux 2021.1, the latest version of its popular open source penetration testing platform.

KIOXIA NVMe SSDs available on Supermicro PCIe 4.0 server and storage platforms
2021-02-26 01:00

The company announced that its lineup of CM6 and CD6 Series PCIe 4.0 NVM Express enterprise and data center solid state drives has gained compatibility approval with Super Micro Computer PCIe 4.0-based platforms, including a wide range of enterprise-ready rackmount systems encompassing Ultra, WIO, BigTwin, FatTwin, SuperBlade, 1U/2U NVMe all flash arrays, GPU accelerated systems, and Super Workstations. Users are moving to NVMe SSDs to address the demands of enterprise performance requirements, cloud-based data center architectures, and performance-centric and latency-sensitive applications.

Attackers scan for vulnerable VMware servers after PoC exploit release
2021-02-25 12:56

After security researchers developed and published proof-of-concept exploit code targeting a critical vCenter remote code execution vulnerability, attackers are now actively scanning for vulnerable Internet-exposed VMware servers. We've detected mass scanning activity targeting vulnerable VMware vCenter servers.