Microsoft have recently shared [1][2] details of active threats targeting on-premise Microsoft Exchange servers worldwide by exploiting chained vulnerabilities that lead to the threat actor gaining full control of the affected email server.
Businesses have known for a long time that there always are weak links in security, especially mobile security. The worse part is not that businesses get affected by these security issues, but the fact that public awareness is terribly low on how vulnerable this can be. The man in the middle attack has been one of the most exploited ways hackers have tried and managed to steal information and money.
You purchase a license (through an RFP process or not), the integrator comes, gathers information about your environment, two weeks later they come to set up the configuration and then you start seeing beautifully ingested logs from all across your environment, allowing you to define meaningful correlation rules. Well, of course, that’s nonsense. It’s never as smooth and straightforward, no matter what the vendor claimed in their datasheet or proposal.
The Spring MVC framework is a well-known Java framework to build interactive web applications. It implements the Model-View-Controller architecture pattern to separate the different aspects of your application. Separating the different logic elements like representation logic, input logic, and business logic is generally considered good architectural practice.
Judging by the reactions I saw in the audience during my past talks on “Securing Containers By Breaking In”, as well as recent reactions on Twitter, not many know about Docker Hub’s fairly recent multi-factor authentication feature. In October 2019, in order to improve the Docker Hub authentication mechanism, Docker rolled out a beta release of two-factor authentication (also known as 2FA).
Today, AWS announced the general availability of Amazon ECS Exec, a powerful feature to allow developers to run commands inside their ECS containers. Amazon Elastic Container Service (ECS) is a fully managed container orchestration service by Amazon Web Services. ECS allows you to organize and operate container resources on the AWS cloud, and allows you to mix Amazon EC2 and AWS Fargate workloads for high scalability.
On March 2, Microsoft released patches for four zero-day vulnerabilities affecting Exchange Server 2013, 2016, and 2019 (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065). In the following weeks, attackers have been aggressively targeting vulnerable servers to install web shells that provide persistent remote access to infected servers. On March 9, attackers began installing a new ransomware variant known as DearCry or DoejoCrypt on infected servers.
Today Lookout announced that we’ve acquired CipherCloud, a leading cloud-native security company that operates in the emerging Secure Access Service Edge (SASE) market. The combination will create the industry’s first company capable of providing an integrated endpoint-to-cloud security solution.
The coronavirus pandemic has added new layers to the threat landscape facing corporate security leaders in 2020 and going into 2021, as well. As businesses and workforces sought to adapt rapidly to remote working at scale, malicious groups and other threat actors began exploiting opportunities to target stressed people and systems with malware.
