March 9, 2021

A ransomware attack hit the Oloron-Sainte-Marie hospital in southwest France, it is the third such attack in the last month. A ransomware attack paralyzed the systems at the Oloron-Sainte-Marie hospital in southwest France. The incident took place on Monday, the ransomware gang is demanding the payment of a ransom of $50,000 worth of Bitcoin. The […]

The post Another French hospital hit by a ransomware attack appeared first on Security Affairs.

Read More Another French hospital hit by a ransomware attack

Globally, hundreds of thousand of organizations running Exchange email servers from Microsoft just got mass-hacked, including at least 30,000 victims in the United States. Each hacked server has been retrofitted with a “web shell” backdoor that gives the bad guys total, remote control, the ability to read all email, and easy access to the victim’s other computers. Researchers are now racing to identify, alert and help victims, and hopefully prevent further mayhem.

Read More Warning the World of a Ticking Time Bomb

Despite the rising ransomware numbers and the numerous related headlines, many small and medium-sized businesses (SMBs) still don’t consider themselves at risk from cyberattacks. Nothing could be further from the truth. Smaller organizations are a prime target, and ransomware authors have only upped the ante in their methods to ensure they get paid. For example, […]

The post 3 Ransomware Myths Businesses Need to Stop Believing ASAP appeared first on Webroot Blog.

Read More 3 Ransomware Myths Businesses Need to Stop Believing ASAP

One of the reasons why there’s so much cybercrime is because there are so many ways for cybercriminals to exploit vulnerabilities and circumvent even the best defenses. You may be surprised to find that one of the biggest vulnerabilities is users. Many successful attacks could actually be prevented if users just knew what to look […]

The post Who’s Hacking You? appeared first on Webroot Blog.

Read More Who’s Hacking You?

Microsoft released ProxyLogon security updates for Microsoft Exchange servers running vulnerable unsupported Cumulative Update versions. On March 2nd, Microsoft has released emergency out-of-band security updates that address four zero-day issues (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065) in all supported Microsoft Exchange versions that are actively exploited in the wild. Now Microsoft has released security updates for Microsoft Exchange […]

The post Microsoft releases ProxyLogon patches for unsupported Microsoft Exchange versions appeared first on Security Affairs.

Read More Microsoft releases ProxyLogon patches for unsupported Microsoft Exchange versions

Azure Defender for Resource Manager automatically monitors the resource management operations. This blog discusses the threats that are caused by ‘Living off the land Binaries’.

The post Azure LoLBins: Protecting against the dual use of virtual machine extensions appeared first on Microsoft Security.

Read More Azure LoLBins: Protecting against the dual use of virtual machine extensions

On the 2ndof March, Microsoft rolled out several out-of-band patches for minor and medium Windows vulnerabilities and exposures. Of particular interest are the mitigations for CVE-2021-27065, CVE-2021-26858, CVE-2021-26857, and CVE-2021-26855, discover…

Read More Patch Tuesday, March 2021: Microsoft Releases Several Out-of-Band Patches for Windows Exposures, Including Four Documented Zero-Day Server Exchange Vulnerabilities

Apple released out-of-band patches to address a remote code execution, tracked as CVE-2021-1844, that affect iOS, macOS, watchOS, and Safari web browser. Apple has released out-of-band security patches to address a critical iOS, macOS, watchOS, and Safari web browser to address a security flaw tracked as CVE-2021-1844. The vulnerability was discovered by Clément Lecigne of […]

The post Apple fixes CVE-2021-1844 RCE that affects iOS, macOS, watchOS, and Safari appeared first on Security Affairs.

Read More Apple fixes CVE-2021-1844 RCE that affects iOS, macOS, watchOS, and Safari

How is this even possible?

…26% of companies Positive Technologies tested were vulnerable to WannaCry, which was a threat years ago, and some even vulnerable to Heartbleed. “The most frequent vulnerabilities detected during automated assessment date back to 2013-­2017, which indicates a lack of recent software updates,” the reported stated.

26%!? One in four networks?

Even if we assume that the report is self-serving to the company that wrote it, and that the statistic is not generally representative, this is still a disaster. The number should be 0%…

Read More On Not Fixing Old Vulnerabilities

LinkedIn’s Workforce Confidence Index breaks down the challenges and strategies that Canadians are applying to the job hunt by gender, Microsoft’s $7.5 billion acquisition of ZeniMax Media gets the green light, and some temperature scanning devices pro…

Read More Hashtag Trending, March 9, 2021 – Job hunt differences between men and women; Microsoft’s Bethesda acquisition is official; Fever scanner mishap