Found 14 bookmarks
Newest
The ticking time bomb of Microsoft Exchange Server 2013
The ticking time bomb of Microsoft Exchange Server 2013
I monitor (in an amateur, clueless way) ransomware groups in my spare time, to see what intelligence can be gained from looking at victim orgs and what went wrong. Basically, I’m a giant big dork with too much free time. I’ve discovered two organisations with ransomware incidents, where the entry point appears to have been Exchange Server 2013 with Outlook Web Access enabled, where all available security updates were applied.
#doublepulsar#EN#2023#analysis#ransomware#Microsoft-Exchange#Exchange-Server2013#risk
·medium.com·
The ticking time bomb of Microsoft Exchange Server 2013
What it means — CitrixBleed ransomware group woes grow as over 60 credit unions, hospitals, financial services and more breached in US. | by Kevin Beaumont | Dec, 2023 | DoublePulsar
What it means — CitrixBleed ransomware group woes grow as over 60 credit unions, hospitals, financial services and more breached in US. | by Kevin Beaumont | Dec, 2023 | DoublePulsar
Credit union technology firm Trellance own Ongoing Operations LLC, and provide a platform called Fedcomp — used by double digit number of other credit unions across the United States. This Fedcomp…
#doublepulsar#EN#2023#CitrixBleed#analysis
·doublepulsar.com·
What it means — CitrixBleed ransomware group woes grow as over 60 credit unions, hospitals, financial services and more breached in US. | by Kevin Beaumont | Dec, 2023 | DoublePulsar
LockBit ransomware group assemble strike team to breach banks, law firms and governments.
LockBit ransomware group assemble strike team to breach banks, law firms and governments.
Recently, I’ve been tracking LockBit ransomware group as they’ve been breaching large enterprises: I thought it would be good to break down what is happening and how they’re doing it, since LockBit are breaching some of the world’s largest organisations — many of whom have incredibly large security budgets. Through data allowing the tracking of ransomware operators, it has been possible to track individual targets. Recently, it has become clear they have been targeting a vulnerability in Citrix Netscaler, called CitrixBleed. Prior reading:
#doublepulsar#EN#2023#LockBit#ransomware#CitrixBleed
·doublepulsar.com·
LockBit ransomware group assemble strike team to breach banks, law firms and governments.
UK Electoral Commission had an unpatched Microsoft Exchange Server vulnerability
UK Electoral Commission had an unpatched Microsoft Exchange Server vulnerability
You have have read about the hack of the Electoral Commission recently. In this piece we take a look at what happened, show they were running Microsoft Exchange Server with Outlook Web App (OWA) facing the internet, and the unpatched vulnerability that presented.
#doublepulsar#EN#2023#UK#Electoral#Commission#ProxyNotShell
·doublepulsar.com·
UK Electoral Commission had an unpatched Microsoft Exchange Server vulnerability