CISA and NSA have issued guidance for securing Microsoft Exchange servers, emphasizing best practices like strong authentication, minimizing attack surfaces, and decommissioning outdated servers, especially after recent vulnerabilities and attacks exploiting Exchange flaws. They recommend migrating to Microsoft 365, enabling multi-factor authentication, applying security patches, and monitoring for suspicious activity to prevent breaches.
Microsoft left an Azure-hosted server containing sensitive data linked to its Bing search engine open to the internet without password protection, potentially exposing passwords, keys, and credentials of its employees. The exposed credentials could have led to significant data leaks and compromised services. The company was notified about the exposure on February 6th and locked the server down by March 5th. This incident adds to a series of cybersecurity mishaps for Microsoft, prompting the company to overhaul its security practices.
Security researchers have identified a severe vulnerability in ownCloud, an open-source filesharing server app, that allows hackers to gain full control of vulnerable servers. The vulnerability, rated with a severity score of 10, enables attackers to obtain passwords and cryptographic keys by sending a simple web request to a static URL. Researchers have observed "mass exploitation" of the vulnerability, with the number of IP addresses attempting to exploit it steadily increasing. While some experts believe the threat may be limited due to specific conditions required for exploitation, there are still concerns given the large number of ownCloud servers in use. ownCloud has also recently fixed two other high-severity vulnerabilities. Users are advised to follow mitigation steps provided by ownCloud to protect their systems.
Hackers are actively exploiting the BleedingPipe remote code execution vulnerability in Minecraft mods to take control of servers and players' devices. The vulnerability, caused by incorrect use of deserialization, allows attackers to send crafted network packets to vulnerable servers, enabling them to install malware on connected devices. The flaw impacts numerous Minecraft mods, and a threat actor is actively scanning for vulnerable servers. To protect against BleedingPipe, users should update impacted mods or migrate to fixed forks, use the PipeBlocker mod, and scan for suspicious files.