Steven Adair

November 10, 2016

Russian ‘Dukes’ of Hackers Pounce on Trump Win

This post was originally published on this siteLess than six hours after Donald Trump became the president-elect of the United States, a Russian hacker gang perhaps best known for breaking into computer networks at the Democratic National Committee launched a volley of targeted phishing campaigns against American political think-tanks and non-government organizations (NGOs). One of the phishing emails in the latest political espionage attack launched by The Dukes. Source: Volexity. That’s according to a new report from Washington, D.C.-based cyber incident response firm Volexity. The firm’s researchers say they’ve been closely monitoring the activities of an well-established Russian malware development gang known […]
September 30, 2022

Microsoft: Two New 0-Day Flaws in Exchange Server

This post was originally published on this siteMicrosoft Corp. is investigating reports that attackers are exploiting two previously unknown vulnerabilities in Exchange Server, a technology many organizations rely on to send and receive email. Microsoft says it is expediting work on software patches to plug the security holes. In the meantime, it is urging a subset of Exchange customers to enable a setting that could help mitigate ongoing attacks. In customer guidance released Thursday, Microsoft said it is investigating two reported zero-day flaws affecting Microsoft Exchange Server 2013, 2016, and 2019. CVE-2022-41040, is a Server-Side Request Forgery (SSRF) vulnerability that can […]