Reuters reports: The White House on Sunday urged computer network operators to take further steps to gauge whether their systems were targeted amid a hack of Microsoft Corp’s Outlook email program, saying a recent software patch still left serious vulnerabilities. “This is an active threat still developing and we urge network operators to take it very seriously,” a White House official said, adding that top U.S. security officials were working to decide what next steps to take following the breach…
Microsoft Exchange Cyberattack: Hafnium Email Hacking Timeline and Incident Details
The following links summarize steps that MSPs and MSSPs can take to patch Exchange … MSP & MSSP Implications: Cybersecurity service provider Huntress … Mandiant from FireEye: Mandiant Managed Defense observed multiple …
A Retired Microsoft OS Engineer’s Comparison of Linux with Windows
David Plummer is a retired Microsoft operating systems engineer, “going back to the MS-DOS and Windows 95 days.” (He adds that in the early ’90s he’d fixed a few handle leaks in the early source code of Linux, “and sent my changes off to Linus at Rutgers.”)
Phishing Attack Uses Fake Google reCAPTCHA
Zscaler Says it Prevented Over 2,500 Phishing Attacks
Worldwide Hack: Microsoft Exchange Server Zero-day Exploits
Hundreds of thousands of organizations worldwide have been newly hacked via holes in Microsoft’s email software, per a Krebs on Security article posted March 5, 2021.
Federal officials scramble to assess widening Microsoft Exchange Server fallout
Written by Sean Lyngaas
The One-Week Hijacking of Perl.com – Explained
“For a week we lost control of the Perl.com domain,” a long-running site offering news and articles about the programming language, writes the site’s senior editor, brian d foy.
Amanda Gorman Revealed She Was Racially Profiled On Her Walk Home: “One Day You’re Called An Icon, The Next Day, A Threat”
“He demanded [to know] if I lived there because, ‘You look suspicious.’”
America’s Air Force Is Having To Reverse Engineer Parts of Its Own Stealth Bomber
While it’s hard to say exactly why this approach is being taken now, it indicates that the original plans for these components are unavailable or the manufacturing processes and tooling used to produce them no longer exist… Indeed, as the average age of the Air Force fleet continues to increase, there are only likely to be more such requirements for parts that are long out of production. Before he stood down, the former Assistant Secretary of the Air Force for Acquisition, Technology, and Logistics, Will Roper, told Air Force Magazine of his desire for a “digital representation of every part in the Air Force inventory….”
Upcoming Webinar: The Future of Cyber: Maturing your Cyber Program over the Life of your Business
What you will learn in this webinar:
- Why your cyber program should be informed by threat.
- How to choose which areas of your business to protect first.
- How to make smart security investments that are aligned with business priorities and generate optimal results from your cyber program.
- Why security teams will need to pivot their strategy over the life of their business to ensure a successful cyber program and how you can apply these strategies.
- Why generating reports is ineffective and how to effectively measure your cyber program.
- How to increase your risk and security intelligence to make more confident decisions and provide trustworthy information to the board and executives.
Hear from our subject matter experts:
Bill Vollono, Sales Engineer, Recorded Future
Kirk Hogan, CIO, Practice Lead, Security Operations, Iceberg Networks
Securing APIs: Application Architecture Disrupted
Posted under: Research and Analysis
When you think of disruption, the typical image is a tornado coming through and ripping things up, leaving towns leveled and nothing the same moving forward. But disruption can be slow and steady, incremental in the way everything you thought you knew has changed. Securing cloud environments was like that, initially trying to use existing security concepts and controls, which worked well enough. Until they didn’t and forced a re-evaluation of everything that we thought we knew about security. The changes were (and still are for many) challenging, but overall very positive.
At Least 30,000 US Organizations Newly Hacked Via Holes In Microsoft’s Email Software
In each incident, the intruders have left behind a “web shell,” an easy-to-use, password-protected hacking tool that can be accessed over the Internet from any browser that gives the attackers administrative access to the victim’s computer servers. Speaking on condition of anonymity, two cybersecurity experts who’ve briefed U.S. national security advisors on the attack told KrebsOnSecurity the Chinese hacking group thought to be responsible has seized control over “hundreds of thousands” of Microsoft Exchange Servers worldwide — with each victim system representing approximately one organization that uses Exchange to process email. Microsoft said the Exchange flaws are being targeted by a previously unidentified Chinese hacking crew it dubbed “Hafnium,” and said the group had been conducting targeted attacks on email systems used by a range of industry sectors, including infectious disease researchers, law firms, higher education institutions, defense contractors, policy think tanks, and NGOs.
Attacks Targeting Microsoft Exchange: Check Point customers remain protected
On March 2nd, 2021, Volexity reported the in-the-wild exploitation of the following Microsoft Exchange Server vulnerabilities: CVE-2021-26855, CVE-2021-26857, CVE-2021-26858 and CVE-2021-27065.
Video Friday: Nanotube-Powered Insect Robots
At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft’s Email Software
At least 30,000 organizations across the United States — including a significant number of small businesses, towns, cities and local governments — have over the past few days been hacked by an unusually aggressive Chinese cyber espionage unit that’s focused on stealing email from victim organizations, multiple sources tell KrebsOnSecurity. The espionage group is exploiting four newly-discovered flaws in Microsoft Exchange Server email software, and has seeded hundreds of thousands of victim organizations worldwide with tools that give the attackers total, remote control over affected systems.
Microsoft Adopted an ‘Aggressive’ Strategy for Sharing SolarWinds Attack Intel
Rob Lefferts, corporate vice president for Microsoft 365 Security in Security and Compliance, explains the company’s approach to keeping its customers and the industry apprised and updated on its findings from the now-infamous attack.
HAFNIUM Exchange Zero-Day Scanning
The Microsoft Exchange Zero-day exploit drop this week is a big one for 2021. The actions everyone needs to take when these exploits are being used in the wild are:
How Rani Therapeutics’ robotic pill could change subcutaneous injection treatment
A new auto-injecting pill might soon become a replacement for subcutaneous injection treatments.
Dan Siroker’s new startup Scribe automates Zoom note-taking
Optimizely co-founder Dan Siroker said the idea for his new startup Scribe goes back to a couple of personal experiences — and although Scribe’s first product is focused on Zoom, those experiences weren’t Zoom-related at all.
UK’s MHRA says it has ‘concerns’ about Babylon Health — and flags legal gap around triage chatbots
The UK’s medical device regulator has admitted it has concerns about VC-backed AI chatbot maker Babylon Health. It made the admission in a letter sent to a clinician who’s been raising the alarm about Babylon’s approach toward patient safety and corporate governance since 2017.