Blog

NetStandard's Security Minute Series  In this week's big-game ransomware news, Revil announced that they have attacked Quanta, a Taiwanese computer manufacturer. Quanta is notable because the company is one of Apple's largest suppliers, and manufactures MacBooks...

NetStandard's Security Minute Series  This past week was Patch Tuesday! This month includes new patches for Microsoft Exchange. The new Exchange vulnerabilities are not known to be exploited in the wild….yet….though with the increased attack focus on Exchange...

Your Data Is More Valuable Than Your Device Because it's 2021, and the entire IT industry has spent literal decades telling everyone they need backups, I'm sure you have a backup system in place. Hopefully you sleep well at night, confident that the backup system you...

NetStandard's Security Minute Series We have all seen the "fake tech support" scams, or the various similar ones that all involve talking to a scammer in a (usually foreign) datacenter somewhere. KnowBe4 called one of these scammers and documented the whole process....

NetStandard's Security Minute Series Since the release of ransomware targeting the new Exchange vulnerabilities (which Scott discussed last week), the number of attacks has grown by 10X. This has become the most significant software vulnerability in a very long...

NetStandard's Security Minute Series So the Exchange attacks just keep getting worse. The estimated number of affected Exchange servers is up into the tens of thousands (I've seen some estimates in the hundreds of thousands!), and there are at least 10 other attack...

Last week, it was widely reported that four previously unknown or “zero-day” vulnerabilities in Microsoft’s Exchange Server software were being actively exploited by groups of cyber attackers. These defects could allow attackers to steal data or deploy malicious...

NetStandard's Security Minute Series The biggest news of the week: Microsoft announced emergency out-of-band patches for Exchange Server, to fix 4 actively exploited 0-day vulnerabilities. There are many, many reports of hundreds of servers being compromised -...

NetStandard's Security Minute Series There's a new critical vulnerability in vCenter, allowing an attacker to use port 443 to gain root access to vCenter. Even if you don't have port 443 exposed to the internet, an attacker that breaches an end-user PC (from a...

NetStandard's Security Minute Series  This is scary: The IT monitoring software Centreon was attacked, and allowed the Sandworm group access to Centreon for 3 years. IT monitoring software is generally very trusted software, with visibility to everything inside a...