OSN FEBRUARY 24, 2021

Title: Exploitation of Accellion File Transfer Appliance Date Published: February 24, 2021 https://us-cert.cisa.gov/ncas/alerts/aa21-055a Excerpt: “One of the exploited vulnerabilities (CVE-2021-27101) is an SQL injection vulnerability that allows an unauthenticated...

OSN FEBRUARY 19, 2021

Title: Microsoft Wraps Solarwinds Probe, Nudges Companies Toward Zero Trust Date Published: February 18, 2021 Microsoft wraps SolarWinds probe, nudges companies toward zero trust Excerpt: “The findings offer lessons for all companies on the benefits of the zero trust...

OSN FEBRUARY 18, 2021

Title: Masslogger Swipes Microsoft Outlook, Google Chrome Credentials Date Published: February 17, 2021 Masslogger Swipes Microsoft Outlook, Google Chrome Credentials Excerpt: “The use of compiled HTML (usually used for Windows help files) can be advantageous for the...

OSN FEBRUARY 16, 2021

Title: Hackers Exploited Centreon Monitoring Software to Compromise It Providers Date Published: February 16, 2021 https://www.bleepingcomputer.com/news/security/yandex-suffers-data-breach-after-sysadmin-sold-access-to-user-emails/ Please also see: Sandworm Intrusion...

OSN FEBRUARY 12, 2021

Title: Yandex Suffers Data Breach After Sysadmin Sold Access to User Emails Date Published: February 11, 2021 https://www.bleepingcomputer.com/news/security/yandex-suffers-data-breach-after-sysadmin-sold-access-to-user-emails/ Excerpt: “Russian internet and search...