Cyber Espionage, Iranian hackers increase attacks on IT services companies
Microsoft cybersecurity experts: The aim is to steal credentials belonging to downstream customer networks. India, Israel, UAE are the most hit targets.
Cybersecurity, Microsoft releases a new bunch of security updates
They cover 55 issues in different products. Six of them are critical and have already been exploited by cybercrime actors.
Cyber Espionage, Nobelium uses FoggyWeb as a backdoor
Microsoft cybersecurity experts: The APT exploits it to remotely exfiltrate sensitive information from a compromised AD FS server.
Cybersecurity, 4 vulnerabilities in Azure VM management extensions OMI agent
Microsoft: They could allow an attacker to raise their privileges and remote arbitrary code execution. Furthermore, there is a PoC online.
Cybersecurity, new vulnerability for Exchange Server: PROXYTOKEN
Yoroi: The flaw, CVE-2021-33766, allows a threat actor to monitor, steal or alter corporate email communications.
Cybersecurity, the PrintNightmare flaw has been patched in all Windows versions
Microsoft released the emergency security update KB5004948 for the Print Spooler critical zero-day vulnerability, the CVE-2021-34527.
Cybersecurity, disable the Windows Print Spooler service on servers not used for printing
The US CISA: An attacker could exploit the critical PrintNightmare zero-day vulnerability to take control of an affected system.
Cyber espionage, NOBELIUM now leverages legitimate mass-mailing service
Microsoft cybersecurity experts: It attempted to target approximately 3,000 individual accounts across more than 150 organizations.
Cyber Espionage, Snip3 is a new malware exploited to target aerospace and travel sectors
Microsoft cybersecurity experts: It then delivers RevengeRAT or AsyncRAT for data theft, and payloads as Agent Tesla to exfliltrate it.
Cybercrime, Microsoft released “One-Click Mitigation Tool” on Exchange Servers vulnerabilities
The cybersecurity experts: Customers will automatically mitigate CVE-2021-26855 on any server on which it is deployed. However, it’s not a replacement for the patch.