Home
Artists
Search Recent Random
Posts
Search DMs Popular Hash Lookup Tags Random
Importer
Import FAQ
Register
Partychan Telegram Live Sex ThePornDude
Home Artists Posts Import Register

Microsoft Exchange Zero Days Actively Exploited - Update ASAP - ThreatWire (AUDIO ONLY) (Patreon)

Published:
2021-03-09 17:23:05
Imported:
2022-07

Downloads

Content

Microsoft Exchange has zero days - make sure to update!, 3 new malware strains related to SolarWinds were found, and passenger data for multiple airlines were compromised in a breach! All that coming up now on ThreatWire.

 #threatwire #hak5


Links:

Weekly security and privacy news, brought to you by Shannon Morse. ThreatWire is a weekly news journalism show covering security and privacy topics for network admins and users.


Watch this on youtube: https://youtu.be/NzmvkeEbp6I


Shop ThreatWire Merch Directly! - https://snubsie.com/shop


Shop ThreatWire Merch on Teespring! - https://teespring.com/stores/morsecode 


Support ThreatWire!  https://www.patreon.com/threatwire 


Links:

0:00 Welcome!


Microsoft Exchange

https://www.volexity.com/blog/2021/03/02/active-exploitation-of-microsoft-exchange-zero-day-vulnerabilities/

https://arstechnica.com/information-technology/2021/03/microsoft-issues-emergency-patches-for-4-exploited-0days-in-exchange/

https://blogs.microsoft.com/on-the-issues/2021/03/02/new-nation-state-cyberattacks/

https://www.microsoft.com/security/blog/2021/03/02/hafnium-targeting-exchange-servers/

https://msrc-blog.microsoft.com/2021/03/02/multiple-security-updates-released-for-exchange-server/

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26855

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26857

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26858

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-27065

https://support.microsoft.com/en-us/topic/description-of-the-security-update-for-microsoft-exchange-server-2019-2016-and-2013-march-2-2021-kb5000871-9800a6bb-0a21-4ee7-b9da-fa85b3e1d23b

https://www.bleepingcomputer.com/news/security/microsoft-fixes-actively-exploited-exchange-zero-day-bugs-patch-now/

https://github.com/GossiTheDog/scanning/blob/main/http-vuln-exchange.nse

https://threatpost.com/microsoft-exchange-zero-day-attackers-spy/164438/

https://www.bleepingcomputer.com/news/security/state-hackers-rush-to-exploit-unpatched-microsoft-exchange-servers/

https://www.zdnet.com/article/update-immediately-microsoft-rushes-out-patches-for-exchange-server-zero-day-attacks/

https://www.cyberscoop.com/dhs-microsoft-exchange-flaws-patch-china/

https://cyber.dhs.gov/ed/21-02/

https://www.cnet.com/news/microsoft-exchange-attackers-strike-more-than-30000-us-organizations/

https://twitter.com/C_C_Krebs/status/1368004411545579525

https://www.cyberscoop.com/microsoft-exchange-server-czech-republic-norway-hafnium-chinese-hackers/

https://www.cyberscoop.com/exchange-server-microsoft-hacks-china-biden/


SolarWinds malware strains - 3 new ones

https://www.cyberscoop.com/white-house-executive-order-software-solarwinds-neuberger/

https://www.microsoft.com/security/blog/2021/03/04/goldmax-goldfinder-sibot-analyzing-nobelium-malware/

https://www.bleepingcomputer.com/news/security/microsoft-reveals-3-new-malware-strains-used-by-solarwinds-hackers/

https://www.cyberscoop.com/researchers-uncover-four-more-malware-strains-linked-to-solarwinds-hackers/

https://www.fireeye.com/blog/threat-research/2021/03/sunshuttle-second-stage-backdoor-targeting-us-based-entity.html



SITA

https://threatpost.com/supply-chain-cyberattack-airlines/164549/

https://www.bleepingcomputer.com/news/security/sita-data-breach-affects-millions-of-travelers-from-major-airlines/

https://www.sita.aero/pressroom/news-releases/sita-statement-about-security-incident/

https://www.zdnet.com/article/singapore-airlines-frequent-flyer-members-hit-in-third-party-data-security-breach/

https://www.singaporeair.com/en_UK/sg/media-centre/news-alert/?id=kltm93p0


Photo credit:

https://www.windowsmanagementexperts.com/wp-content/uploads/2020/11/Microsoft-building-.jpg




-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Our Site → https://www.hak5.org

Shop →  http://hakshop.myshopify.com/

Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1

Support → https://www.patreon.com/threatwire

Contact Us → http://www.twitter.com/hak5

Threat Wire RSS → https://shannonmorse.podbean.com/feed/

Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999


Host: Shannon Morse → https://www.twitter.com/snubs

Host: Darren Kitchen → https://www.twitter.com/hak5darren

Host: Mubix → http://www.twitter.com/mubix

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Comments

Tiky

The YouTube video is marked as private, I couldn't listen to it :(

Shannon Morse
>>55244117

When I mark the youtube video to release at a scheduled time, it won't go public until that time so the link remained private until it is posted for the public. BUT, the audio RSS feed available here on patreon is posted early, so you can listen to the audio version as soon as you see this post go live. Unfortunately Youtube doesn't give creators a way to pre-schedule a video AND also make the link work before the video is available publicly.

Tiky

Got it! Thanks for the clarification. I was tempted by the YouTube link because I know I can have it play in the background by default and forgot trying to download the audio :)