16 March 2021 Weekly Newsletter

 

BOCRA website

 

     

NEWSLETTER

Microsoft Exchange exploits now used by cryptomining malware


                                                     LATEST CYBER HACKS 

 
 

Z

 

Hackers hit 32 Indian firms via Microsoft email servers

At least 32 Indian organisations have been attacked by hackers who exploited vulnerabilities in unpatched Microsoft business email servers, a new report warned on Monday, adding that the finance and banking institutions have been hit the most in the country.

 

Canada Revenue Agency locks out over 800,000 online accounts

The Canada Revenue Agency locked more than 800,000 taxpayers out of its online platform on Saturday after an investigation revealed that some usernames and passwords may have been obtained by "unauthorized third parties."


                                                      VULNERABILITIES

 
 

icon

 

15-year-old Linux kernel bugs let attackers gain root privileges

Three vulnerabilities found in the iSCSI subsystem of the Linux kernel could allow local attackers with basic user privileges to gain root privileges on unpatched Linux systems.

icon

 

Serious Zero-Day Bug Found In Plus Addons For Elementor WordPress Plugin

WordPress admins! A critical zero-day bug existed in the Plus Addons for Elementor plugin. Since the developers have released the fix, make sure to update your websites at the earliest with plugin version 4.1.7.

icon

 

Google Fixed yet Another Actively Exploited zero-day Vulnerability in the Chrome Browser

Once again Google has fixed another Zero-day vulnerability in the Chrome browser, and this is the second vulnerability that has been recently fixed by Google. 

Z

 

Serious Vulnerabilities Found in Schneider Electric Power Meters

Industrial cybersecurity firm Claroty this week disclosed technical details for two potentially serious vulnerabilities affecting PowerLogic smart meters made by Schneider Electric.


                                     MALWARES

 
 

icon

 

Ransomware now attacks Microsoft Exchange servers with ProxyLogon exploits

Threat actors are now installing a new ransomware called 'DEARCRY' after hacking into Microsoft Exchange servers using the recently disclosed ProxyLogon vulnerabilities.Since Microsoft revealed earlier this month that threat actors were compromising Microsoft Exchange servers using new zero-day ProxyLogon vulnerabilities, a significant concern has been when threat actors would use it to deploy ransomware.

icon

 

Microsoft fixes Office issue causing memory, disk space errors

Microsoft has addressed a known issue causing memory or disk space errors when opening some documents using Microsoft Word, Microsoft Excel, or other Microsoft Office apps. This known issue only affects customers who have installed Microsoft Office apps from the Microsoft Store and are trying to open an Office document that triggers the Protected View feature.

2Q==

 

ZHtrap botnet deploys honeypots to trap&steal bots from rivals

Security researchers discovered last week a new IoT botnet that deploys honeypots to capture attacks from rival botnets and then uses that information to hijack its rivals’ infrastructure.


                               GENERAL NEWS

 
 

2Q==

 

Password reuse defeats the purpose of passwords

When a person reuses the same password across multiple accounts, one account’s exposure puts all the others at risk. To prevent this, cybersecurity awareness programs must emphasize the importance of passwords: how to create them, use them, and how to use a password manager.

icon

 

Twitter now supports multiple 2FA security keys on mobile and web

Twitter has added support for multiple security keys to accounts with two-factor authentication (2FA) enabled for logging into the social network's web interface and mobile apps.

COMM-CIRT

Botswana Communications Regulatory Authority

Private Bag 00495, Gaborone, Botswana

+2673929961

Disclaimer: This information was gathered from multi-trusted feeds and it is not created by COMM-CIRT