Author: Admin

The US authorities sought a court order to remove web shells running on hundreds of Microsoft Exchange servers, following mass exploitation of vulnerabilities patched in March, it has emerged. The Department of Justice (DoJ) announced the move yesterday, explaining that although system owners managed to remove thousands of malicious scripts from their infected servers, hundreds persisted. Although the attacks started as early as January, one report claimed that as many as 30,000 US Exchange Server…

Let’s Make Security Easy I’ve been hearing a lot lately about tech and information overload, which is understandable given that the average U.S. household now has access to more than ten devices. (No wonder we are all spending more time online!) While technology allows us to be incredibly productive and connected, it can make our lives more complicated, especially if we are concerned about our privacy. We know that with each new digital capability or…

After a year of lockdown, or nearly full lockdown, due to the ongoing health crisis, we learned a lot from how our organizations responded when we all had to change our work habits to a home-office setup. Many companies that had only a casual relationship with Virtual Private Network (VPN) technology had to quickly reach expert-level proficiency in how to connect their entire population in order to save, or hang onto, whatever profit margin they…

Docker Captains are select members of the community that are both experts in their field and are passionate about sharing their Docker knowledge with others. “Docker Captains Take 5” is a regular blog series where we get a closer look at our Captains and ask them the same broad set of questions ranging from what their best Docker tip is to whether they prefer cats or dogs (personally, we like whales and turtles over here)….

Tag CVE Count CVEs Visual Studio Code – Kubernetes Tools 1 CVE-2021-28448 Microsoft NTFS 2 CVE-2021-27096, CVE-2021-28312 Open Source Software 1 CVE-2021-28458 Microsoft Office Word 1 CVE-2021-28453 Microsoft Windows Speech 3 CVE-2021-28347, CVE-2021-28351, CVE-2021-28436 Windows Resource Manager 1 CVE-2021-28320 Windows Installer 4 CVE-2021-26413, CVE-2021-26415, CVE-2021-28437, CVE-2021-28440 Visual Studio 1 CVE-2021-27064 Visual Studio Code – GitHub Pull Requests and Issues Extension 1 CVE-2021-28470 Windows Network File System 1 CVE-2021-28445 Microsoft Office SharePoint 1 CVE-2021-28450 Microsoft Windows…

One month after disclosing four zero-day vulnerabilities in Exchange Server, Microsoft addresses four additional vulnerabilities discovered by the National Security Agency (NSA). Background On April 13, as part of its April 2021 Patch Tuesday release, Microsoft addressed four critical vulnerabilities in Microsoft Exchange Server. The disclosure follows last month’s out-of-band (OOB) security update which addressed four zero-day vulnerabilities in Exchange Server that were exploited in the wild by an advanced persistent threat group known as…

Microsoft addresses 108 CVEs, including CVE-2021-28310 — which has reportedly been exploited in the wild — as well as four new remote code execution vulnerabilities in Microsoft Exchange. 19Critical 88Important 1Moderate 0Low Microsoft patched 108 CVEs in the April 2021 Patch Tuesday release, including 19 CVEs rated as critical, 88 rated as important and 1 rated as moderate. This month’s Patch Tuesday release includes fixes for Azure…