Botnet backdoors Microsoft Exchange servers, mines cryptocurrency

Posted by & filed under Alerts.

Unpatched Microsoft Exchange servers are being targeted by the Prometei botnet and added to its operators’ army of Monero (XMR) cryptocurrency mining bots. This modular malware can infect both Windows and Linux systems, and it was first spotted last year while using the EternalBlue exploit to spread across compromised networks and enslave vulnerable Windows computers.

Microsoft IOC Detection Tool for Exchange Server Vulnerabilities

Posted by & filed under Alerts.

Microsoft has released an updated script that scans Exchange log files for indicators of compromise (IOCs) associated with the vulnerabilities disclosed on March 2, 2021. National CSIRT-CY is aware of widespread domestic and international exploitation of these vulnerabilities and strongly recommends organizations run the Test-ProxyLogon.ps1 script as soon as possible to help determine whether their systems are…

Microsoft January 2021 Patch Tuesday fixes 83 flaws, 1 zero-day

Posted by & filed under Alerts.

With the January 2021 Patch Tuesday security updates release, Microsoft has released fixes for 83 vulnerabilities, with ten classified as Critical and 73 as Important. There is also one zero-day and one previously disclosed vulnerability fixed as part of the January 2021 updates. For information about the non-security Windows updates, you can read about today’s Windows 10 KB4598229…

Microsoft disrupts nation-state hacker op using Azure Cloud service

Posted by & filed under Alerts.

In a report this week, Microsoft said that it disrupted operations of a nation-state threat group that was using its Azure cloud infrastructure for cyber attacks. Microsoft refers to the actor by the name Gadolinium and says that it’s been active for about a decade targeting organizations in the maritime and health industry; more recently,…