Author: Rahil Karedia

Multiple threat actors, including Hafnium, LuckyMouse, Calypso, Winnti, Bronze Butler, Websiic, Tonto, Mikroceen, and DLTMiner, are actively targeting four zero-day Microsoft Exchange vulnerabilities (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065) in their targeted malware attacks and hacking campaigns. These threat actors managed to compromise nearly 30,000 Microsoft Exchange servers located within the United States. Approximately 7,000 organizations worldwide […]

Brief about the vulnerability The security feature bypass vulnerability (CVE-2020-0689) allows attackers to bypass the secure boot feature and load untrusted or malicious software during the Windows boot-up process. While this vulnerability created panic among Microsoft customers, Microsoft released a security update (KB4535680) to tackle the same. But the update has caused further inconvenience to […]