Vulnerability summary for the week: March 5, 2021
A weekly vulnerability digest.
Cybersecurity News - Page 320
Microsoft shares details on three new malware strains used in SolarWinds hack
GoldMax, Sibot and GoldFinder were used by attackers to achieve persistence on the infected machines and perform actions post-compromise.
Four notorious cybercrime forums hacked
The list of hacked crime forums includes Maza, Verified, Crdclub and Exploit.
Researchers discover connection between SunCrypt and QNAPCrypt ransomware
SunCrypt may be an updated version of the QNAPCrypt ransomware.
Cybersecurity firm Qualys appears to be the latest victim of Accellion FTA zero-day attacks
The cybercriminals behind the Clop ransomware operation have posted screenshots of files allegedly stolen from Qualys on their leak site.
CISA orders federal agencies to ‘immediately’ patch Exchange flaws exploited by hackers
Several APT groups are exploiting "at least" the CVE-2021-26855 Microsoft Exchange Server vulnerability as part of ongoing attacks, ESET says.
Malaysia Airlines warns Enrich members of ‘data security incident’ spanning nine years
The company said that the incident occurred between the period of March 2010 and June 2019.
Google addresses actively exploited Chrome zero day vulnerability
In addition to the zero day flaw, Chrome 89.0.4389.72 contains fixes for a number of high risk vulnerabilities
Microsoft patches 4 Exchange 0days actively exploited by Chinese hackers
The tech giant is warning customers of a new Chinese APT that is exploiting four previously undisclosed security flaws in Exchange Server.
Gootkit delivery platform Gootloader uses SEO techniques to spread malware
In the recent campaigns the Gootloader framework has been used to deliver the Kronos trojan and Cobalt Strike in addition to the REvil and Gootkit malware.
Showing elements 3191 - 3200