Over the last few weeks, we continue to see HAFNIUM attacks against Exchange Servers through our threat intelligence. Our Firebox feed data shows Fireboxes identifying the signature almost every day over the HTTPS proxy. Yet, Many Exchange servers remain unprotected. With Exchange Outlook Web Access (OWA)servers, Fireboxes must inspect the content of HTTPS traffic for … [Read more...]
China Suspected of Targeting Email Server During Elections in Australia
As reported by ABC Australia, an Australian government email server fell victim to what we suspect was the Exchange server vulnerability disclosed earlier this month. Officials detected Chinese hackers targeting Western Australia's parliamentary email server just nine days before the state’s elections, March 13th. The attack comes after another cyber attack last June, again … [Read more...]
Gab.com Leaks 70 Gigabytes of Usernames Hashed Passwords and More
The alternative social media site Gab, favored by the political right-wing, leaked private information though a SQL injection vulnerability according to Gab.com. Gab CEO Andrew Torba initially denied the breach over the weekend but has since acknowledged it. A hacker by the name JaXpArO provided the stolen data to the hacktivist group DDoSecrets. DDoSecrets says they won't … [Read more...]
11 High Severity Vulnerabilities found in Nvidia Software
Nvidia released updates to its users after security researchers and the Nvidias Product Security Team found 16 vulnerabilities in the Nvidia driver and software packages. One of the vulnerabilities found in the driver package allows for an escalation of privileges and could allow full control of the system. Drivers tend to have administrative privileges and so this creates a … [Read more...]
Zyxel Adds a Built-in User With A Easy To Find Password
Zyxel, a firewall and AP vendor, released a firmware update to their devices that included an unexpected, built-in admin user account called "zyfwp". Folks in information security often characterize this sort of hidden and hardcoded accounts as a “backdoor” account, even though it is hard to say if the vendors who do this do so intentionally or accidentally. First found by … [Read more...]
