CyberSec Roundup
A synopsis of the Latest Cybersecurity News
FBI cleans up infected Exchange Servers
The FBI received a court order from the DOJ to remove any existing backdoors which were still up on compromised Microsoft Exchange Servers belonging to Americans. They specifically targeted Hafnium shells, and successfully removed shells from thousands of machines without the owners’ knowledge. The FBI is retroactively notifying owners that the shells have been removed.
NAME:WRECK report
The report published by security researchers from Forescout and JSOF discusses DNS vulnerabilities in 4 open-source TCP/IP stacks; IPNet, Nucleus NET, NetX, and particularly, FreeBSD. There are potentially millions of devices that utilize these TCP/IP stacks which could lead to their networks being compromised. The 4 vendors have patched their vulnerabilities, but other manufacturers that use these stacks in their devices need to deploy fixes to ensure they are no longer vulnerable.
Celsius Hacked
The Crypto Rewards company Celsius Network recently had their 3rd party marketing server compromised. The attackers accessed their customer information and sent out phishing emails asking customers to sign up for a new wallet, and link any other existing wallets to it. If the customers fell for the scam, the cryptocurrency in their other wallets would have been stolen.
By: David Pinder
IT & Security Consultant
Certified Ethical Hacker