Author Archives: CIRT Team



CIRT Team

in Security Advisories & Alerts

Microsoft IOC Detection Tool for Exchange Server Vulnerabilities

Microsoft has released emergency out-of-band security updates that address four zero-day issues (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065) in all supported MS Exchange versions that are actively exploited in the wild. Researchers at the MS Exchange Server team have released a script that could be used by administrators to check if their installs are vulnerable to...

08 Mar 2021
in Security Advisories & Alerts

Multiple Vulnerabilities in SolarWinds Orion and ServU-FTP Could Allow for Remote Code Execution

DESCRIPTION: Multiple vulnerabilities have been discovered in SolarWinds Orion and ServU-FTP, the most severe of which could allow for remote code execution.

* SolarWinds Orion provides centralized monitoring across an organization’s entire IT stack.
* ServU-FTP is a multi-protocol file server capable of sending and receiving files from other networked computers through various means.

Successful...

01 Mar 2021
in Security Advisories & Alerts

A Vulnerability in SonicWall SMA 100 Series Could Allow for SQL Injection

DESCRIPTION: A vulnerability has been discovered in the SonicWall SMA 100 Series, which could allow for SQL injection. The SonicWall SMA 100 Series is a unified secure access gateway that enables organizations to provide access to any application, anytime, from anywhere and any devices, including managed and unmanaged. Successful exploitation of this vulnerability could result in...

01 Mar 2021
in Security Advisories & Alerts

Hildegard Malware [cyberflorida]

I. Targeted Software: Docker, Kubernetes, Amazon Web Services (AWS), Microsoft Azure, Google Cloud. II. Introduction: A hacking group referred to as “TeamTNT” has been active within the previous 8 months. In the summer of 2020, security researchers identified TeamTNT as the group behind a crypto-mining malware capable of stealing local...

14 Feb 2021
in Security Advisories & Alerts

Multiple Vulnerabilities in Cisco VPN Routers Could Allow for Arbitrary Code Execution.

DESCRIPTION: Multiple vulnerabilities have been discovered in Cisco VPN Routers, the most severe of which could allow for arbitrary code execution as the root user of an affected device. These VPN routers are often used to connect hosts via the router hardware as opposed to individual installations on each device. Successful exploitation of the most...

10 Feb 2021