OSN FEBRUARY 24, 2021

Title: Exploitation of Accellion File Transfer Appliance Date Published: February 24, 2021 https://us-cert.cisa.gov/ncas/alerts/aa21-055a Excerpt: “One of the exploited vulnerabilities (CVE-2021-27101) is an SQL injection vulnerability that allows an unauthenticated...

OSN FEBRUARY 16, 2021

Title: Hackers Exploited Centreon Monitoring Software to Compromise It Providers Date Published: February 16, 2021 https://www.bleepingcomputer.com/news/security/yandex-suffers-data-breach-after-sysadmin-sold-access-to-user-emails/ Please also see: Sandworm Intrusion...

OSN FEBRUARY 12, 2021

Title: Yandex Suffers Data Breach After Sysadmin Sold Access to User Emails Date Published: February 11, 2021 https://www.bleepingcomputer.com/news/security/yandex-suffers-data-breach-after-sysadmin-sold-access-to-user-emails/ Excerpt: “Russian internet and search...

OSN FEBRUARY 5, 2021

Title: Hacking Group Also Used an IE Zero-Day Against Security Researchers Date Published: February 4, 2021 https://www.bleepingcomputer.com/news/security/hacking-group-also-used-an-ie-zero-day-against-security-researchers/ Excerpt: “To perform their attacks, the...

OSN JANUARY 29, 2021

Title: Windows Installer Zero-Day Vulnerability Gets Free Micropatch Date Published: January 29, 2021 https://www.bleepingcomputer.com/news/security/windows-installer-zero-day-vulnerability-gets-free-micropatch/ Excerpt: “A vulnerability in the Windows Installer...