Due to an actively exploited zero-day vulnerability: https://thehackernews.com/2021/12/extremely-critical-log4j-vulnerability.html This bug is a 10 of 10 on the CVSS rating from the article a snippet: Tracked as CVE-2021-44228 and by the monikers Log4Shell or LogJam, the issue concerns a case of unauthenticated, remote code execution (RCE) on any application that uses the open-source utility and affects … Read more
Yes The hackers that just hacked the FBI email server only spammed thousands of email addresses and all they did was embarrass the FBI. The Criminal Justice Information Services division (CJIS) from FBI which apparently manages several national crime information systems, available to the criminal justice community. According to KrebsonSecurity the “from address” emails to … Read more
Yes an angry programmer hacker is mad they are not getting paid enough for their work, so they showed what they were doing to let everyone know how important they are!! Threatpost link about this story. Apparently the command and control servers are at the following IP addresses: 162.244.80.235 85.93.88.165 185.141.63.120 82.118.21.1 There … Read more
Yes cloud service can be abused – but let’s be specific: Dark reading article: The attack chain begins with the threat actor sending potential victims an email—on a topic of likely interest or relevance to the victim—with a link to a document on Google Docs. Users who follow the link are directed to a … Read more
The Exchange server hack keeps on going: https://www.technewsworld.com/story/87095.html : (April 13 story) Fortune 500s Hit by MS Exchange Breach Maybe still unaware. Although this article lists a lot of Fortune 500 companies with large budgets, they seem to have missed the Microsoft Exchange Server vulnerability fix. Probably the reason is that this specific problem was … Read more