Threat Actors Exploiting Log4j vulnerabilities propagated via SolarWinds Serv-U software

The cybersecurity researchers at Microsoft have recently identified a security flaw in SolarWinds Serv-U software that is exploited by the hackers to execute Log4j attacks to compromise the network of their victims. While monitoring attacks using Log4j, the Microsoft expert, Jonathan Bar discovered this vulnerability which is tracked as “CVE-2021-35247.” However, SolarWinds has already fixed […]

Continue Reading

Chinese Hackers Exploiting Log4Shell Vulnerability & Attack Internet-Facing Systems

The Chinese hackers are actively exploiting the Log4Shell Vulnerability in the Log4j library and it is identified as “CVE-2021-44228.” Microsoft experts have claimed that Chinese hackers are targeting the companies and individuals with a new ransomware strain for double extortion, “Night Sky.” In this ongoing ransomware operation, the hackers are exploiting the CVE-2021-44228 which is […]

Continue Reading

The 5 Stages of a Credential Stuffing Attack

Collecting Credentials Many of us are fond of collecting things, but not everyone is excited about Collections #1-5. In 2019, these Collections, composed of ca. 932 GB of data containing billions of email addresses and their passwords, made their way around the Internet. These collections weren’t breaches but compilations of emails and passwords that had […]

Continue Reading