Exchange Server Attackers Launched Scans Within Five Minutes of Disclosure
Phil Muncaster UK / EMEA News Reporter , Infosecurity Magazine
The
2021 Cortex Xpanse Attack Surface Threat Report from Palo Alto Networks was compiled from scans of 50 million IP addresses associated with 50 global enterprises, carried out January-March 2021.
The report revealed that as soon as new vulnerabilities are announced by vendors, attackers rush to take advantage, utilizing cheap cloud computing power to back their efforts.
“Scans began within 15 minutes after CVE announcements were released between January and March. Attackers worked faster for the Microsoft Exchange Server zero-days, launching scans within five minutes of Microsoft’s March 2 announcement,” the report noted.
Malicious scans for at-risk systems start minutes after disclosure
Statistics collated by Palo Alto Networks reveal malicious actors begin scanning the internet for systems at risk of new CVEs within minutes
Share this item with your network: By Published: 20 May 2021 12:45
Malicious actors begin to scan for at-risk systems within an average of 15 minutes of the disclosure of a new Common Vulnerability and Exposure (CVE), and in many instances much quicker than that – scans for vulnerable Microsoft Exchange Server deployments began within five minutes back in March 2021.
This is according to newly released statistics collated by Palo Alto Networks’ Cortex Xpanse research team, which studied the public-facing attack surfaces of 50 global enterprises between January and March, monitoring scans of 50 million IP addresses.
(Image: Getty)
Parents have received almost no tech support from schools while their children have been learning from home over the past year. So in addition to serving as short-order cooks and hall monitors, parents have also had to become IT experts.
With all the required software, hardware, and online tools, it’s inevitable that your child will need your help setting something up. However, instead of trying to fix things while on camera and potentially embarrassing your kid, you can help out remotely, if you are both on a Mac.
Just as Windows has its Remote Desktop Connection solution, Apple’s screen-sharing feature in Messages and built-in Virtual Network Computing (VNC) client. Both will allow you to remote into their Mac to troubleshoot issues without interrupting their learning session, or showing up on camera in whatever you’re calling work attire these days.
Come on in and enjoy our unprotected FTP server and unsigned configuration files Share
Copy
Dell, which pitches its Wyse ThinOS as the most secure thin client operating system, plans to publish an advisory on Monday for two severe security vulnerabilities.
CVE-2020-29491 and CVE-2020-29492 are both critical flaws, managing a perfect (although unwelcome) CVSS score of 10 out of 10. The vulnerabilities, which affect all Dell Wyse Thin Clients running ThinOS versions 8.6 or earlier, allow more or less anyone to remotely run malicious code and to access arbitrary files on vulnerable devices.
The issues were identified by security biz CyberMDX, which said in its disclosure, The profound potential impact of these vulnerabilities coupled with the relative ease of exploitation is what makes them so critical.