4 matches found
Chinese RedGolf Group Targeting Windows and Linux Systems with KEYPLUG Backdoor
A Chinese state-sponsored threat activity group tracked as RedGolf has been attributed to the use of a custom Windows and Linux backdoor called KEYPLUG. "RedGolf is a particularly prolific Chinese state-sponsored threat actor group that has likely been active for many years against a wide range o...
Police Grab Slilpp, Biggest Stolen-Logins Market
The U.S. Department of Justice DOJ announced on Thursday that a multinational operation has led to the seizure of Slilpp, a well-known marketplace for selling stolen online logins that offered more than 80 million sets of credentials for sale. Since 2012, Slilpp has been an underground market to...
Microsoft Exchange Server ProxyLogon vulnerability
Added: 03/19/2021 Background Microsoft Exchange is an e-mail server for Microsoft Windows operating systems. Problem A server-side request forgery vulnerability in Microsoft Exchange allows remote attackers to execute arbitrary commands. Resolution Apply the patch referenced in Microsoft Advisory...
Ransomware is targeting vulnerable Microsoft Exchange servers
The Microsoft Exchange attacks using the ProxyLogon vulnerability, and previously associated with the dropping of malicious web shells, are taking on a ransomware twist. Until now, the name of the game has been compromise and data exfiltration, with a bit of cryptomining on the side. To summarise...