(Updated 03/10/2021 to include defensive tips) As the cybersecurity community continues to reel with the sweeping effects of the SolarWinds attack, the Microsoft Threat Intelligence Center (MSTIC) has released information about another widespread campaign targeting Exchange servers. It has been found that a state-sponsored threat actor operating out of China, which they are … [Read more...]
SolarWinds Catch-Up
Swift new developments have continued to pour out on the SolarWinds breach. Under normal circumstances it is difficult to keep up to date on the news and especially so with a story that continues to grow. Nevertheless, the Threat Lab team at WatchGuard has been keeping an eye out on the latest updates. Beyond the major players such as FireEye, Microsoft, CISA, and SolarWinds, … [Read more...]
Critical Microsoft DNS Server Vulnerability – SIGRRed
If you already had plans to test and roll out the various Microsoft Windows and Server updates that came out today as a part of Microsoft’s Patch Tuesday, you probably want to move a bit quicker. Among the various bug fixes are a series of patches for a critical “wormable” vulnerability in Windows DNS Server, affecting all Windows Server versions dating back to Server 2003 … [Read more...]
Flash 0day and MS Patch Day – Daily Security Byte EP. 273
The second Tuesday of each month is infamously known as Microsoft Patch Day by IT pros. However, this month Adobe's security news trumps Microsoft's. Watch today's video to learn why you should update Flash before your Microsoft products, but also why you shouldn't skimp on the Microsoft patches either. (Episode Runtime: 2:59 Direct YouTube … [Read more...]
Advanced Lingering Malware – Daily Security Byte EP. 270
Microsoft's Background Intelligent Transfer Service helps Windows and other programs quietly deliver updates in the background, without taxing your network bandwidth. Unfortunately, cyber criminals have also figured out how to exploit it to continually reinstall malware on a cleaned computer. Watch the video below to learn more. (Episode Runtime: 4:08) Direct YouTube … [Read more...]
