Tag Archive for: urgently

CISA warns admins to urgently patch Exchange ProxyShell bugs

/in


CISA warns admins to urgently patch Exchange ProxyShell bugs

The US Cybersecurity and Infrastructure Security Agency (CISA) issued its first alert tagged as “urgent,” warning admins to patch on-premises Microsoft Exchange servers against actively exploited ProxyShell vulnerabilities.

“Malicious cyber actors are actively exploiting the following ProxyShell vulnerabilities: CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207,” CISA warned over the weekend.

“CISA strongly urges organizations to identify vulnerable systems on their networks and immediately apply Microsoft’s Security Update from May 2021—which remediates all three ProxyShell vulnerabilities—to protect against these attacks.”

These three security flaws (patched in April and May) were discovered by Devcore security researcher Orange Tsai, who used them to compromise a Microsoft Exchange server in April’s Pwn2Own 2021 hacking contest:

Actively exploited by multiple threat actors

This warning comes after similar ones alerting organizations to defend their networks from the wave of attacks that hit tens of thousands of organizations worldwide in March, with exploits targeting four zero-day Microsoft Exchange bugs known as ProxyLogon.

Even though Microsoft fully patched the ProxyShell bugs in May 2021, they didn’t assign CVE IDs for the three security vulnerabilities until July, thus preventing some organizations who had unpatched servers from discovering that they had vulnerable systems on their networks.

After additional technical details were recently disclosed, both security researchers and threat actors could reproduce a working ProxyShell exploit.

Then, just as it happened in March, attackers began scanning for and hacking Microsoft Exchange servers using the ProxyShell vulnerabilities.

After breaching unpatched Exchange servers, threat actors drop web shells that allow them to upload and execute malicious tools.

While, in the beginning, the payloads were harmless, attackers have begun deploying LockFile ransomware payloads delivered across Windows domains compromised using Windows PetitPotam exploits.

So far, US-based security firm Huntress Labs said it found over 140 web shells deployed by attackers on more than 1,900 compromised Microsoft Exchange servers until…

Source…

Eight computer security trends APAC leaders should urgently address

/in


Computer security in APAC needs a reboot, with these 8 trends in mind - Prince, of the Red Hacker Alliance monitors global cyberattacks on his PC (Photo by NICOLAS ASFOURI / AFP)

Computer security in APAC needs a reboot, with these 8 trends in mind. (Photo by NICOLAS ASFOURI / AFP)

Cybersecurity remains an ever-growing concern in a digitized, post-pandemic world. Covid-19 has killed in more ways than one – physically, and with the demise of multitudes of jobs across the world. 

However, the outbreak has also catalyzed the maturation of digitalization – demand for digital services has been nothing short of explosive during the pandemic.

Growth of Digital in APAC

The Southeast Asian (SEA) region is not a stranger to digital disruption, innovation, and digitally transformative initiatives, either. Rapid and proactive action by governments to control the spread of Covid-19 has resulted in tight border and movement restrictions.

This has, in turn, jolted businesses ranging from mega entities to small and medium business (SMBs) towards optimizing and increasing adoption of digitalized solutions in order to keep their hungry economies connected and vital. 

Computer security and talent shortage woes

The region has been racing to adopt technologies such as cloud, edge, 5G, artificial intelligence (AI), machine learning (ML), and IoT, in post-pandemic economic recovery effortsAlas, a menacing darkness looms over this sliver of economic hope: cybersecurity threats.

Earlier last year, Tech Wire Asia reported that cybersecurity was at the forefront of priorities for APAC business decision-makers alongside digital growth. However, the lack of talent in the field is still a major concern.

The 2021 cybersecurity update

In May 2021, Check Point Software Technologies released research data on cybersecurity threats in APAC and found that, compared to May of the previous year, cyberattacks have increased by an alarming 168%. 

In fact, there was a 53% increase from April to May this year alone. The top five countries seeing the largest increase in cyberattacks as compared to May 2020 are Japan (40%), Singapore (30%), Indonesia (25%), Malaysia (22%), and Taiwan (17%). 

The top three sectors most affected by these cyber threats are utilities (39%), internet and managed service providers (ISPs/MSPs with 12% of the total), and software vendors (6%). According to Check Point,

Source…