Microsoft Exchange has zero days - make sure to update!, 3 new malware strains related to SolarWinds were found, and passenger data for multiple airlines were compromised in a breach! All that coming up now on ThreatWire.
 #threatwire #hak5

Links:
Weekly security and privacy news, brought to you by Shannon Morse. ThreatWire is a weekly news journalism show covering security and privacy topics for network admins and users.

Watch this on youtube: https://youtu.be/NzmvkeEbp6I

Shop ThreatWire Merch Directly! - https://snubsie.com/shop

Shop ThreatWire Merch on Teespring! - https://teespring.com/stores/morsecode 

Support ThreatWire!  https://www.patreon.com/threatwire 

Links:
0:00 Welcome!

Microsoft Exchange
https://www.volexity.com/blog/2021/03/02/active-exploitation-of-microsoft-exchange-zero-day-vulnerabilities/
https://arstechnica.com/information-technology/2021/03/microsoft-issues-emergency-patches-for-4-exploited-0days-in-exchange/
https://blogs.microsoft.com/on-the-issues/2021/03/02/new-nation-state-cyberattacks/
https://www.microsoft.com/security/blog/2021/03/02/hafnium-targeting-exchange-servers/
https://msrc-blog.microsoft.com/2021/03/02/multiple-security-updates-released-for-exchange-server/
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26855
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26857
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26858
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-27065
https://support.microsoft.com/en-us/topic/description-of-the-security-update-for-microsoft-exchange-server-2019-2016-and-2013-march-2-2021-kb5000871-9800a6bb-0a21-4ee7-b9da-fa85b3e1d23b
https://www.bleepingcomputer.com/news/security/microsoft-fixes-actively-exploited-exchange-zero-day-bugs-patch-now/
https://github.com/GossiTheDog/scanning/blob/main/http-vuln-exchange.nse
https://threatpost.com/microsoft-exchange-zero-day-attackers-spy/164438/
https://www.bleepingcomputer.com/news/security/state-hackers-rush-to-exploit-unpatched-microsoft-exchange-servers/
https://www.zdnet.com/article/update-immediately-microsoft-rushes-out-patches-for-exchange-server-zero-day-attacks/
https://www.cyberscoop.com/dhs-microsoft-exchange-flaws-patch-china/
https://cyber.dhs.gov/ed/21-02/
https://www.cnet.com/news/microsoft-exchange-attackers-strike-more-than-30000-us-organizations/
https://twitter.com/C_C_Krebs/status/1368004411545579525
https://www.cyberscoop.com/microsoft-exchange-server-czech-republic-norway-hafnium-chinese-hackers/
https://www.cyberscoop.com/exchange-server-microsoft-hacks-china-biden/

SolarWinds malware strains - 3 new ones
https://www.cyberscoop.com/white-house-executive-order-software-solarwinds-neuberger/
https://www.microsoft.com/security/blog/2021/03/04/goldmax-goldfinder-sibot-analyzing-nobelium-malware/
https://www.bleepingcomputer.com/news/security/microsoft-reveals-3-new-malware-strains-used-by-solarwinds-hackers/
https://www.cyberscoop.com/researchers-uncover-four-more-malware-strains-linked-to-solarwinds-hackers/
https://www.fireeye.com/blog/threat-research/2021/03/sunshuttle-second-stage-backdoor-targeting-us-based-entity.html

SITA
https://threatpost.com/supply-chain-cyberattack-airlines/164549/
https://www.bleepingcomputer.com/news/security/sita-data-breach-affects-millions-of-travelers-from-major-airlines/
https://www.sita.aero/pressroom/news-releases/sita-statement-about-security-incident/
https://www.zdnet.com/article/singapore-airlines-frequent-flyer-members-hit-in-third-party-data-security-breach/
https://www.singaporeair.com/en_UK/sg/media-centre/news-alert/?id=kltm93p0

Photo credit:
https://www.windowsmanagementexperts.com/wp-content/uploads/2020/11/Microsoft-building-.jpg

 

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org
Shop →  http://hakshop.myshopify.com/
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Watch Now:
Share | Download(Loading)
Podbean App

Play this podcast on Podbean App