Search results
Results from the Health.Zone Content Network
On 12 March 2021, Microsoft announced the discovery of "a new family of ransomware" being deployed to servers initially infected, encrypting all files, making the server inoperable and demanding payment to reverse the damage. On 22 March 2021, Microsoft announced that in 92% of Exchange servers the exploit has been either patched or mitigated.
Microsoft Exchange Server. In February 2021 Microsoft determined that the attackers had downloaded a few files "(subsets of service, security, identity)" apiece from "a small subset of Azure components" "a small subset of Intune components" "a small subset of Exchange components" None of the Microsoft repositories contained production credentials.
Hafnium (group) (Redirected from HAFNIUM (group)) Hafnium (sometimes styled HAFNIUM; also called Silk Typhoon by Microsoft [1]) is a cyber espionage group, sometimes known as an advanced persistent threat, with alleged ties to the Chinese government. [2] [3] [4] Hafnium is closely connected to APT40. [5]
February 8: Foxconn is hacked by a hacker group, "Swagg Security", releasing a massive amount of data including email and server logins, and even more alarming—bank account credentials of large companies like Apple and Microsoft. Swagg Security stages the attack just as a Foxconn protest ignites against terrible working conditions in southern ...
GooseEgg is the name used by Microsoft to describe an exploit tool used by the Russian hacking group Forest Blizzard (also known as Fancy Bear and other names) to exploit CVE-2022-38028, a software vulnerability in Microsoft Windows. [1] The vulnerability is a flaw in the Windows print spooler that grants high privilege access to an attacker.
PrintNightmare is a critical security vulnerability affecting the Microsoft Windows operating system. [2] [4] The vulnerability occurred within the print spooler service. [5] [6] There were two variants, one permitting remote code execution (CVE-2021-34527), and the other leading to privilege escalation (CVE-2021-1675).
Ivanti Pulse Connect Secure data breach. On April 20, 2021, it was reported that suspected Chinese-state backed hacker groups had breached multiple government agencies, defense companies and financial institutions in both the US and Europe after the hackers created and used a Zero-day exploit for Ivanti Pulse Connect Secure VPN devices.
China Chopper is a web shell approximately 4 kilobytes in size, first discovered in 2012. This web shell is commonly used by malicious Chinese actors, including advanced persistent threat (APT) groups, to remotely control web servers. This web shell has two parts, the client interface (an executable file) and the receiver host file on the ...