This Month Includes New Patches for Microsoft Exchange

NetStandard’s Security Minute Series 

This past week was Patch Tuesday! This month includes new patches for Microsoft Exchange. The new Exchange vulnerabilities are not known to be exploited in the wild….yet….though with the increased attack focus on Exchange these days, exploits will surely come soon. Patch now! April 2021 Security Updates – Release Notes – Security Update Guide – Microsoft
As IT professionals, we often get messages from recruiters about new job opportunities. Be careful with these – a spearphishing campaign is using fake job offers to distribute a backdoor trojan named more_eggs. Don’t be a victim! eSentire | Hackers Spearphish Professionals on LinkedIn with Fake Job…
A Kansas man was indicted for allegedly hacking into the Ellsworth County water system and tampering with the water supply. This is a different case from the one in Florida a couple months ago, and shows that attacks on US infrastructure are becoming more common: INDICTMENT: KANSAS MAN INDICTED FOR TAMPERING WITH A PUBLIC WATER SYSTEM | USAO-KS | Department of Justice
The managed services provider CompuCom, with customers including Target, Citibank, and Wells Fargo, was hit with the DarkSide ransomware in March. The company is expecting a loss of over $20 million dollars from the incident: CompuCom MSP expects over $20M in losses after ransomware attack (bleepingcomputer.com)
Speaking of DarkSide, the ransomware group recently gave an interview that sheds some light on how the group thinks: A chat with DarkSide (databreaches.net)
The Clop ransomware is on the rise, targeting a wide variety of industries. Palo Alto released a very detailed writeup of how it works and how to defend against it: Threat Assessment: Clop Ransomware (paloaltonetworks.com)
Shall we play a game? Microsoft has released a toolkit called CyberBattleSim, which is essentially a game simulating a security breach. The results are used to improve machine learning models to better automate network security: Gamifying machine learning for stronger security and AI models – Microsoft Security

• The GitHub project is here: GitHub – microsoft/CyberBattleSim

Think it’s always safe to open txt files in email? Think again: a-txt-file-can-steal-all-your-secrets (360totalsecurity.com)
On another note…

• KnowBe4 is preparing to go public with an IPO: KKR-backed cybersecurity firm KnowBe4 aims for $3 bln valuation in U.S. IPO (yahoo.com)
• NASA can install software patches on a helicopter on Mars, you can install patches on your computer: NASA Says Oops, Mars Helicopter Needs Software Update to Fly (futurism.com)
• If you failed to clean up your Exchange servers from the recent zerologon attacks, the FBI might have secretly cleaned it up for you: FBI Accesses Computers Around Country to Delete Microsoft Exchange Hacks (vice.com)