Attackers are looking to exploit critical VMware vCenter Server RCE flaw, patch ASAP!

The day after VMware released fixes for a critical RCE flaw (CVE-2021-21972) found in a default vCenter Server plugin, opportunistic attackers began searching for publicly accessible vulnerable systems. We've detected mass scanning activity targeting vulnerable VMware vCenter servers (https://t.co/t3Gv2ZgTdt). Query our API for "tags=CVE-2021-21972" for relevant indicators and source IP addresses. #threatintel https://t.co/AcSZ40U5Gp — Bad […]

Continue Reading

Accellion FTA attacks, extortion attempts might be the work of FIN11

Mandiant/FireEye researchers have tentatively linked the Accellion FTA zero-day attacks to FIN11, a cybercrime group leveraging CLOP ransomware to extort targeted organizations. Accellion has also confirmed on Monday that “out of approximately 300 total FTA clients, fewer than 100 were victims of the attack.” A little bit of background information Starting in December 2020, unknown […]

Continue Reading

Microsoft: Solorigate attackers grabbed Azure, Intune, Exchange component source code

Microsoft has completed its internal investigation about the Solorigate (SolarWinds) security incident, and has discovered that the attackers were very interested in the code of various Microsoft solutions. The attackers viewed some files here and there, but they also managed to download source code from a “small number of repositories,” and this includes the code […]

Continue Reading

Top 10 most used MITRE ATT&CK tactics and techniques

Which tactics and techniques are cyber attackers favoring? vFeed has compiled a list of the Top 10 Most Used MITRE ATT&CK Tactics and Techniques to help security teams focus their defenses more effectively. MITRE ATT&CK helps understand attacker behavior The MITRE ATT&CK framework is a well known and widely used knowledge base of cyber adversary […]

Continue Reading

Accellion to retire enterprise file-sharing product targeted in recent attacks

U.S.-based cloud solutions company Accellion will soon retire FTA, its legacy enterprise file-sharing solution, vulnerabilities in which have recently been exploited by attackers to breach a variety of organizations, including the Australian Securities and Investments Commission, the Washington State Auditor Office, and Singapore telecom Singtel. What is Accellion FTA? Accellion FTA (File Transfer Appliance) is […]

Continue Reading