Hackers compromised Microsoft Exchange servers at the EU Banking Regulator EBA

Hackers compromised Microsoft Exchange servers at the EU Banking Regulator EBA

The European Banking Authority (EBA) disclosed a cyberattack that resulted in the hack of its Microsoft Exchange email system. The European Banking Authority announced that it was the victim of a cyber attack against its email system that exploited recently disclosed zero-day vulnerabilities in Microsoft Exchange. On March 2nd, Microsoft has released emergency out-of-band security updates that address four zero-day issues (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065) in all supported Microsoft Exchange versions that are actively exploited in…

Read More

ESET: More Than 10 APT Groups Exploiting Recent Microsoft Exchange Vulnerabilities

ESET: More Than 10 APT Groups Exploiting Recent Microsoft Exchange Vulnerabilities

There are more than 10 different advanced persistent threat (APT) groups exploiting recent Microsoft Exchange vulnerabilities, according to ESET research. Last week, Microsoft released out-of-band patches to fix multiple zero-day vulnerabilities believed to be being exploited by Chinese state-sponsored group Hafnium. The step was taken to protect customers running on-premises versions of Microsoft Exchange Server. However, today (March 10), ESET claimed the number of APT groups exploiting the vulnerabilities is believed to be in double-figures,…

Read More

How to Balance IT Stability and Strong Security – Cisco Blogs

How to Balance IT Stability and Strong Security – Cisco Blogs

Remember the old days of deploying Anti-Virus (AV) across your organization? Most often, it was a “set it and forget it” approach. It worked back then. Until it didn’t. This leaves us with a perplexing dichotomy. On the one hand, the mindset of the old AV days still persists, where many companies are reluctant to update, upgrade, or even touch their existing security technology. On the other hand, we found in our recent 2021 Security…

Read More

5 minutes with Michael Borromeo – Cybersecurity best practices with a hybrid workforce

5 minutes with Michael Borromeo – Cybersecurity best practices with a hybrid workforce

5 minutes with Michael Borromeo – Cybersecurity best practices with a hybrid workforce | 2021-03-10 | Security Magazine This website requires certain cookies to work and uses other cookies to help you have the best experience. By visiting this website, certain cookies have already been set, which you may delete and block. By closing this message or continuing to use our site, you agree to the use of cookies. Visit our updated privacy and cookie…

Read More

Why Fit In – When You Were Born to Stand Out?  – Cisco Blogs

Why Fit In – When You Were Born to Stand Out?  – Cisco Blogs

I’ve never been very good at fitting in.   From being the only Asian American in my entire elementary school to being the only female in my 8th grade computer science class, I’ve definitely endured my fair share of experiences where I’ve felt like the odd one out. Growing up, it felt as though my innate ability to stick out like a sore thumb was my fatal flaw.   Through the years though, my perspective of…

Read More

How weak passwords could put your organization at risk

How weak passwords could put your organization at risk

Employees at Fortune 500 companies were found using passwords that could be hacked in less than a second, according to NordPass. Image: iStock/sasun bughdaryan Relying on passwords for security has become increasingly problematic. Devising and remembering a complex password for every account and website is virtually impossible on your own. Yet using weak and simple passwords is a recipe for data breaches, account takeovers, and other forms of cyberattack. A report released Wednesday by password…

Read More

Next-gen wireless options: Wi-Fi 6, 5G or private 5G?

Next-gen wireless options: Wi-Fi 6, 5G or private 5G?

One of the great debates in networking has been whether to use wired connectivity—which brings speed—or wireless—which delivers mobility. Recent versions of Wi-Fi deliver speeds comparable to wired, removing this debate. Wired connections are still faster, but for most user applications, including video, there is no experience difference. Looking ahead, next-generation wireless will be well North of 1Gbps, making it a no-brainer to use wireless. The next big decision: What kind of wireless? In the…

Read More

Storage startup Pliops aims to boost flash performance

Storage startup Pliops aims to boost flash performance

Rivals Intel and Nvidia are on the same side when it comes to the funding of a startup that promises to make flash storage orders of magnitude faster. The two are among numerous investors in Pliops, which is developing a specialized storage processor that it says allows applications to access data kept in flash storage up to 100 times faster than with traditional approaches while using a fraction of the electricity required by traditional hardware….

Read More

WaterISAC: 15 Security Fundamentals You Need to Know

WaterISAC: 15 Security Fundamentals You Need to Know

On February 8, the world learned about a digital attack at the water treatment plant serving the 15,000-person City of Oldsmar, Florida. An operator at the water treatment plant observed someone remotely take control of his mouse and use it to change the setting of sodium hydroxide within the water from 100 parts per million (ppm) to 11,100 ppm. This change could have endangered public health if the operator had not immediately undone the attacker’s…

Read More

Microsoft Expands Coverage for Exchange Server Bugs

Microsoft Expands Coverage for Exchange Server Bugs

Microsoft released fixes for over 80 CVEs in yesterday’s Patch Tuesday update round, including a zero-day bug and several publicly disclosed vulnerabilities. In a week dominated by the exploitation on a massive scale of four zero-day Exchange Server flaws patched out-of-band by Microsoft last week, there’s yet more to do for sysadmins. The first is yet another zero-day, this time in Internet Explorer. “CVE-2021-26411 is a memory corruption vulnerability that could allow an attacker to target…

Read More
1 3,563 3,564 3,565 3,566 3,567 3,861