ECHO Network · April 16, 2021

Hacked Exchange Server Hosts Monero Miner Targeting Other Exchange Servers

Remember the slew of vulnerabilities putting Microsoft Exchange servers at risk of various attacks? ProxyLogon Vulnerabilities Used in Cryptojacking Attacks. Now another danger should be added to the threat list – cryptojacking, also known as cryptocurrency mining.
ECHO Network · April 16, 2021

US Issues Russian SVR Warning

America has issued a cybersecurity advisory that urges organizations to patch vulnerabilities it says are being exploited by Russian Foreign Intelligence Service (SVR) actors. The warning was jointly issued on April 15 by the National Security Agency (NSA), the Cybersecurity and Infrastructure....
ECHO Network · April 16, 2021

Vigil@nce - OpenSSL: buffer overflow via EVP_XUpdate, analyzed on 16/02/2021

Synthesis of the vulnerability: An attacker can trigger a buffer overflow via EVP_XUpdate of OpenSSL, in order to trigger a denial of service, and possibly to run code. Vulnerable software: Severity of this announce: 2/4. Creation date: 16/02/2021. References of this computer vulnerability: 6429603,....
ECHO Network · April 16, 2021

Vigil@nce - OpenSSL: NULL pointer dereference via X509_issuer_and_serial_hash, analyzed on 16/02/2021

Synthesis of the vulnerability: An attacker can force a NULL pointer to be dereferenced via X509_issuer_and_serial_hash() of OpenSSL, in order to trigger a denial of service. Vulnerable systems: , USN-4745-1, VIGILANCE-VUL-34598. Description of the vulnerability: An attacker can force a NULL pointer....
US CERT: Current Activity · April 16, 2021

WordPress Releases Security and Maintenance Update

Original release date: April 16, 2021

WordPress versions 4.7-5.7 are affected by multiple vulnerabilities. An attacker could exploit one of these vulnerabilities to take control of an affected website. 

CISA encourages users and administrators to review the WordPress Security and Maintenance Release and upgrade to WordPress 5.7.1.

ECHO Network · April 16, 2021

NA - CVE-2021-22539 - An attacker can place a crafted JSON config...

An attacker can place a crafted JSON config file into the project folder pointing to a custom executable. VScode-bazel allows the workspace path to lint *.bzl files to be set via this config file. As such the attacker is able to execute any executable on the system through vscode-bazel. We recommend upgrading to version 0.
ECHO Network · April 16, 2021

Keyfactor to Merge with PrimeKey

via infosecurity-magazine.com: Ohio PKI-as-a-Service pioneer Keyfactor and Swedish PKI solutions provider PrimeKey have announced their intention to merge. Plans for the companies to come together under the Keyfactor brand "while committing to increased investments across all product lines" were shared on April 15.
ECHO Network · April 16, 2021

1-Click Vulnerabilities found in Popular Desktop Applications

A number of 1-Click vulnerabilities have been discovered in various popular software applications that can be exploited with a single click. Their exploitation allows an attacker to potentially execute arbitrary code on target systems. The problems were discovered by security researchers at Positive....
ECHO Network · April 16, 2021

Vulnerabilities in WhatsApp allow you to remotely hack your phone

Two dangerous vulnerabilities were discovered in the version of the popular WhatsApp messenger for Android. Their exploitation allows you to remotely execute malicious code on the device and steal confidential information. The issues affect devices running all versions up to and including Android 9....
NVD: all CVE · April 16, 2021


IBM Spectrum Protect Server 7.1 and 8.1 is subject to a stack-based buffer overflow caused by improper bounds checking during the parsing of commands. By issuing such a command with an improper parameter, an authorized administrator could overflow a buffer and cause the server to crash. IBM X-Force ID: 197792.
ECHO Network · April 16, 2021

Cockpit CMS flaws exposed web servers to NoSQL injection exploits

Vulnerabilities could be leveraged for full RCE on Cockpit instances using MongoLite. Developers of Cockpit CMS, an open source content management system, have patched two security vulnerabilities following a disclosure by researchers at PT Swarm. The vulnerabilities could allow a remote,....
ECHO Network · April 16, 2021

Google’s Project Zero updates its vulnerability disclosure policy to give companies more time to roll out patches

The Google Project Zero security team has updated its vulnerability disclosure policy to include a new 30-day grace period to give users more time to install patches before technical details of a vulnerability are shared online. Previously, Project Zero would give software vendors 90 days to....
ECHO Network · April 16, 2021

Gafgyt botnet re-uses some of Mirai’s DDoS modules

The threat research team at the cybersecurity company Uptycs has discovered several variants of the Gafgyt Linux-based botnet malware family that borrow some code, techniques and implementations from the infamous Mirai botnet. First spotted in 2014, Gafgyt (also known as Bashlite) usually targets....
ECHO Network · April 16, 2021

Thank Zuck it's Friday #10 - Google as the privacy good guy and Darktrace IPO

In this web seminar we explore how best to go about assessing and modernising your AD as we reveal our research findings into AD health and readiness, consolidation challenges, and strategies for success. Date: 20 Apr 2021; In this webinar, Javvad Malik, Security Awareness Advocate at KnowBe4, will....
ECHO Network · April 16, 2021

Attackers Target ProxyLogon Exploit to Install Cryptojacker

Compromised Exchange servers were targeted by threat actors to host a malicious Monero cryptominer. Any unpatched Exchange servers are now vulnerable to cryptojacking via the ProxyLogon exploit. The Exchange servers were compromised and were infected with ransomware and webshells to host Monero. The exploit is referred to as the ProxyLogon exploit.
ECHO Network · April 16, 2021

Google to Delay Publishing Bug Details for 30 Days

Google has announced that they will not publish vulnerability details for 30 days after the initial public disclosure, allowing customers more time to fix the bugs and implement patches before technical details are released that could potentially be used by an attacker to exploit the flaw.
ECHO Network · April 16, 2021

Did Someone at the Commerce Dept. Find a SolarWinds Backdoor in Aug. 2020?

On Aug. 13, 2020, someone uploaded a suspected malicious file to VirusTotal, a service that scans submitted files against more than five dozen antivirus and security products. Last month, Microsoft and FireEye identified that file as a newly-discovered fourth malware backdoor used in the sprawling SolarWinds supply chain hack.
ECHO Network · April 16, 2021

The people profession’s role in handling cybersecurity risks

The instant switch to remote working because of the global pandemic has increased internet usage as people collaborate across teams and stay connected to colleagues, family, friends and their community. Healthcare and the increased acceleration in the adoption of telehealth, the shift of retail from....
ECHO Network · April 16, 2021

SolarWinds cyber strike: Russia did it, say US and UK

The US and UK have officially attributed the SolarWinds cyber attack which affected 18,000 organisations globally to Russia’s Foreign Intelligence Service (Sluzhba Vneshney Razvedki, the SVR). In a joint advisory, the NSA, FBI and Cybersecurity & Infrastructure Security Agency (CISA) said SVR....
ECHO Network · April 16, 2021

Cyber Intelligence Briefing: 16 April 2021

CHALLENGING INSECURITY: A ROADMAP TO CYBER CONFIDENCE. In our latest report, we demystify the drivers of insecurity among cyber security professionals, in so doing, mapping a path to cyber confidence. New Exchange server vulnerabilities: Four found in Exchange servers. Microsoft and NSA urge patches be applied as soon as possible.