PANO360
  • About
  • Services
  • Case Study
  • News
  • Contact

Conti ransomware uses Log4j bug to hack VMware vCenter servers

17/12/2021

0 Comments

 
Conti ransomware operation is using the critical Log4Shell exploit to gain rapid access to internal VMware vCenter Server instances and encrypt virtual machines.
The gang did not waste much time adopting the new attack vector and is the first "top-tier" operation known to weaponize the Log4j vulnerability...
https://www.bleepingcomputer.com/news/security/conti-ransomware-uses-log4j-bug-to-hack-vmware-vcenter-servers/

0 Comments

Hackers Begin Exploiting Second Log4j Vulnerability as a Third Flaw Emerges

16/12/2021

0 Comments

 
Web infrastructure company Cloudflare on Wednesday revealed that threat actors are actively attempting to exploit a second bug disclosed in the widely used Log4j logging utility, making it imperative that customers move quickly to install the latest version as a barrage of attacks continues to pummel unpatched systems with a variety of malware...
https://thehackernews.com/2021/12/hackers-begin-exploiting-second-log4j.html​
0 Comments

Palo Alto Warns of Zero-Day Bug in Firewalls Using GlobalProtect Portal VPN

12/11/2021

0 Comments

 
A new zero-day vulnerability has been disclosed in Palo Alto Networks GlobalProtect VPN that could be abused by an unauthenticated network-based attacker to execute arbitrary code on affected devices with root user privileges...
https://thehackernews.com/2021/11/palo-alto-warns-of-zero-day-bug-in.html​
0 Comments

HPE says hackers breached Aruba Central using stolen access key

11/11/2021

0 Comments

 
HPE has disclosed that data repositories for their Aruba Central network monitoring platform were compromised, allowing a threat actor to access collected data about monitored devices and their locations...
https://www.bleepingcomputer.com/news/security/hpe-says-hackers-breached-aruba-central-using-stolen-access-key/​
0 Comments

New Yanluowang ransomware used in targeted attacks

15/10/2021

0 Comments

 
The Symantec Threat Hunter Team, a part of Broadcom Software, has uncovered what appears to be a new ransomware threat called Yanluowang that is being used in targeted attacks...
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/yanluowang-targeted-ransomware​
0 Comments

Microsoft Warns of FoggyWeb Malware Targeting Active Directory FS Servers

29/9/2021

0 Comments

 
Microsoft on Monday revealed new malware deployed by the hacking group behind the SolarWinds supply chain attack last December to deliver additional payloads and steal sensitive information from Active Directory Federation Services (AD FS) servers...
https://thehackernews.com/2021/09/microsoft-warns-of-foggyweb-malware.html​
0 Comments

New Microsoft Exchange service mitigates high-risk bugs automatically

29/9/2021

0 Comments

 
Microsoft has added a new Exchange Server feature that automatically applies interim mitigations for high-risk (and likely actively exploited) security flaws to secure on-premises servers against incoming attacks and give admins more time to apply security updates...
https://www.bleepingcomputer.com/news/microsoft/new-microsoft-exchange-service-mitigates-high-risk-bugs-automatically/​
0 Comments

Microsoft will disable Basic Auth in Exchange Online in October 2022

27/9/2021

0 Comments

 
Microsoft announced that Basic Authentication will be turned off for all protocols in all tenants starting October 1st, 2022, to protect millions of Exchange Online users...
https://www.bleepingcomputer.com/news/microsoft/microsoft-will-disable-basic-auth-in-exchange-online-in-october-2022/​
0 Comments

Hackers are scanning for VMware CVE-2021-22005 targets, patch now!

23/9/2021

0 Comments

 
Threat actors have already started targeting Internet-exposed VMware vCenter servers unpatched against a critical arbitrary file upload vulnerability patched yesterday that could lead to remote code execution...
https://www.bleepingcomputer.com/news/security/hackers-are-scanning-for-vmware-cve-2021-22005-targets-patch-now/​
0 Comments

Microsoft Exchange Autodiscover bugs leak 100K Windows credentials

22/9/2021

0 Comments

 
Bugs in the implementation of Microsoft Exchange's Autodiscover feature have leaked approximately 100,000 login names and passwords for Windows domains worldwide...
https://www.bleepingcomputer.com/news/microsoft/microsoft-exchange-autodiscover-bugs-leak-100k-windows-credentials/​
0 Comments
<<Previous

    Categories

    All

Site Map
Home | About | Services | Case Study | News
Contact Us | Whitepaper | Privacy Policy
Contact Details
120 Lower Delta Road, #10-08 Cendex Centre
Singapore 169208
Phone: 6460 4290
Email: itsales@bitsolution.com.sg
Picture
Picture
© COPYRIGHT 2021 BIT Solution Pte Ltd. All Rights Reserved.
  • About
  • Services
  • Case Study
  • News
  • Contact