Researchers at Huntress Labs estimate that over the past few days, about 2,000 Microsoft Exchange mail servers have been compromised and infected with backdoors, because their owners have not installed patches to fix ProxyShell vulnerabilities. Let me remind you that the vulnerabilities, which were collectively called ProxyShell, were discussed at the Black Hat conference in… Continue reading Over 2000 Exchange Servers Hacked Using ProxyShell Exploit
Tag: Hacking
Hackers exploit ProxyShell vulnerabilities to install backdoors
Experts warn that hackers are attacking Microsoft Exchange servers, exploiting ProxyShell vulnerabilities, and installing backdoors on them for subsequent access. Let me remind you that the vulnerabilities, which are collectively called ProxyShell, were recently discussed at the Black Hat conference. ProxyShell combines three vulnerabilities that allow remote code execution without authentication on Microsoft Exchange servers.… Continue reading Hackers exploit ProxyShell vulnerabilities to install backdoors
Vulnerabilities allowed access to cameras on Mac, iPhone and iPad
Apple paid $75,000 to the IS researcher Ryan Pickren in the frameworks of the bug bounty program for vulnerabilities in Safari, due to which it was possible to access someone else’s cameras on Mac, iPhone and iPad, simply by directing a person to a special site. In total, Picren discovered seven vulnerabilities in the Apple… Continue reading Vulnerabilities allowed access to cameras on Mac, iPhone and iPad
Hackers scan network for vulnerable Microsoft Exchange servers
Information security experts warn that hackers are already scanning the network for Microsoft Exchange servers that are vulnerable to CVE-2020-0688, which Microsoft developers fixed two weeks ago. The problem is related to the operation of the Exchange Control Panel (ECP) component and the inability of Microsoft Exchange to create unique cryptographic keys during installation. “The… Continue reading Hackers scan network for vulnerable Microsoft Exchange servers
Google Search Indexes WhatsApp Private Groups
Google search engine indexes invitations to WhatsApp groups (including links to private groups), which makes them visible and accessible to any user who wants to join the group. The journalist Jordan Wildon drew attention to the problem. He found that the WhatsApp “Invite to Group link” feature allows Google indexing these groups, making them available… Continue reading Google Search Indexes WhatsApp Private Groups
An attacker in a WhatsApp group chat could disable messengers of other participants
Do you like chatting in groups of interest? Are you smiling or shivering when in a group chat from your child’s kindergarten or school class new messages arrive? You are in danger! The recently discovered dangerous vulnerability allows any member of a group chats to disable WhatsApp on the devices of all other participants using… Continue reading An attacker in a WhatsApp group chat could disable messengers of other participants