CyberSec Roundup
A synopsis of the Latest Cybersecurity News
Conti Ransomware Hacking Exchange Servers
Organizations with on-premise Exchange Servers are urged to ensure the latest security updates are applied to their servers, specifically the ones addressing the three vulnerabilities tracked as CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207. The patches released in May prevent ProxyShell attacks which the Conti Ransomware group are using to drop web shells, backdoors, and ransomware onto networks to compromise them.
CISA warns Cisco Enterprise NFVIS vulnerability
CISA notified organizations that Cisco has released security updates to fix a critical vulnerability affecting Cisco Enterprise Network Function Virtualization Infrastructure Software (NFVIS) Release 4.5.1. The vulnerability is in the TACACS+ authentication, authorization and accounting feature of NFVIS, where a remote attacker could take control of an affected system.
Cyber National Mission Force Alert
The U.S. Cyber Command is warning that the Atlassian Confluence has a critical vulnerability, tracked as CVE-2021-26084, that is being actively exploited. Administrators with this product should urgently apply the patch as the vulnerability is currently being used to install crypto miners on victim systems, but ransomware could also be deployed.
By: David Pinder
IT & Security Consultant
Certified Ethical Hacker (Master)