Tag Microsoft

Chinese Hackers Utilize Recent SolarWinds 0-Day in Targeted Attacks

Microsoft has recently identified a series of attacks on SolarWinds’ Serv-U managed file transfer service, which were executed using a now-resolved remote code execution (RCE) vulnerability attributed to a Chinese threat group known as “DEV-0322.” This announcement follows SolarWinds’ emergency patches aimed at countering an exploit that could have allowed…


US and Global Partners Blame China for Major Microsoft Exchange Cyberattack

The U.S. government, along with critical allies such as the European Union, the United Kingdom, and NATO, has officially linked a substantial cyberattack on Microsoft Exchange email servers to state-sponsored hacking groups associated with China’s Ministry of State Security (MSS). The attack exploited zero-day vulnerabilities in Microsoft Exchange, which were…


Gmail Security Alert: Google Urges Users to Stop Using Passwords

Significant changes are coming to Gmail’s security protocols. Updated on November 3 with additional reports regarding compromised Gmail passwords and updated recommendations for users regarding password management. While numerous claims of widespread Gmail password leaks have circulated recently, Google has reassured users that no immediate…


Security Vulnerability in Styra’s OPA Exposes NTLM Hashes to Remote Threats

Security Flaw in Styra’s Open Policy Agent Exposes NTLM Hashes

Recently, a significant security vulnerability in Styra’s Open Policy Agent (OPA) has come to light, one that could have potentially exposed New Technology LAN Manager (NTLM) hashes if exploited. Following a responsible disclosure, this flaw has been addressed in a…


CISA Alerts on Ongoing Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094)

A critical vulnerability affecting Microsoft SharePoint, identified as CVE-2024-38094, has been recently incorporated into the U.S. Cybersecurity and Infrastructure Security Agency’s (CISA) Known Exploited Vulnerabilities (KEV) catalog. This adds urgency as CISA has flagged the issue, citing active exploitation in the wild. This high-severity vulnerability, which carries a CVSS score…


Weekly Cybersecurity Update: EY Data Leak, Bind 9 Issues, Chrome Vulnerability, and Aardvark Agent Insights

This week’s cybersecurity highlights draw attention to rising threats stemming from misconfigurations, software vulnerabilities, and sophisticated malware. The incidents outlined below require the immediate focus of IT teams and business executives. ISC has addressed CVE-2025-5470 in BIND 9, a denial-of-service vulnerability impacting versions 9.16.0 to 9.18.26. The vulnerability enables server…


Top 30 Critical Security Vulnerabilities Frequently Targeted by Hackers

In a recent joint advisory, intelligence agencies from Australia, the U.K., and the U.S. have highlighted critical vulnerabilities that were actively exploited during 2020 and 2021. This report underscores how swiftly threat actors can capitalize on publicly disclosed weaknesses in software, posing a significant risk to various organizations worldwide. The…


Experts Suggest Chinese Hackers May Be Behind Multiple Attacks on Israel

A significant cybersecurity threat has emerged from a Chinese cyber espionage group known as UNC215, which has been stealthily targeting Israeli government entities and IT infrastructure since at least 2019. The group is notable for disguising its operations as Iranian hackers to evade detection, complicating forensic investigations aimed at tracing…


Researchers Discover OS Downgrade Vulnerability Affecting Microsoft Windows Kernel

New Vulnerability Risks Driver Signature Enforcement on Windows Systems

A recently uncovered attack method exposes vulnerabilities in Microsoft’s Driver Signature Enforcement (DSE) on fully updated Windows systems, enabling potential OS downgrade attacks. This breakthrough allows cybercriminals to load unsigned kernel drivers, paving the way for the deployment of custom rootkits.…
