Latest News Articles


--- TLP:WHITE ---

News

− 70% of Orgs Facing New Security Challenges Due to COVID19 Pandemic

Tanium report finds only a third of businesses consider cybersecurity a top priority for 2021.

https://www.tanium.com/resources/how-the-pandemic-and-its-aftermath-empowered-it

− Microsoft: Windows 10 'Known Issue Rollback' auto-fixes update bugs

Microsoft has shared details on Known Issue Rollback (KIR), a Windows 10 capability used to revert buggy non-security fixes delivered through Windows Update. This feature reduces patching risk, and allows greater confidence in automatically applying updates.

https://www.bleepingcomputer.com/news/microsoft/microsoft-windows-10-known-issue-rollback-auto-fixes-update-bugs/

− COVID19 Vaccine Phishing Scams Surge 26% in Three Months

New data claims BEC scammers are also getting in on the act.

https://blog.barracuda.com/2021/03/04/threat-spotlight-vaccine-related-phishing/

− Financial Crime Surges in 2020 Following Shift to Digital Banking and Commerce

Study detects a 650% surge in account takeovers last year.

https://www.infosecurity-magazine.com/news/financial-crime-digital-banking/

Vulnerabilities

− Multiple Security Updates Released for Exchange Server

Microsoft released several security updates for Microsoft Exchange Server. Due to the critical nature of these vulnerabilities, They recommend that customers apply the updates to affected systems immediately to protect against these exploits and to prevent future abuse across the ecosystem.

https://msrc-blog.microsoft.com/2021/03/02/multiple-security-updates-released-for-exchange-server/

− CISA issues emergency directive to agencies: Deal with Microsoft Exchange zero-days now

Patch now, or disconnect Microsoft Exchange servers from the internet.

https://cyber.dhs.gov/ed/21-02/

− Critical Vulnerabilities in Microsoft Exchange Servers - UPDATE

Microsoft released details of four vulnerabilities which are currently being exploited by attackers against Microsoft Exchange Servers. They have also released out-of-band Security Updates for Exchange Server to patch zero-day vulnerabilities. These vulnerabilities allow attackers to bypass authentication, including two-factor authentication, allowing them to access e-mail accounts of interest within targeted organisations and remotely execute code on vulnerable Microsoft Exchange servers.

https://www.ncsc.gov.ie/pdfs/MSExchangeVulnerabilities_Update.pdf

Community News

− Ransomware is a multi-billion industry and it keeps growing

An analysis from global cybersecurity company Group-IB reveals that ransomware attacks more than doubled last year and increased in both scale and sophistication.

https://www.group-ib.com/resources/threat-research/ransomware-2021.html

--- TLP:WHITE ---