Security Advisory Regarding ProxyShell
Over the past several months, Microsoft has been having a bit of a bad run with their popular email server platform: Exchange. Earlier this year, a nation-state group referred to as HAFNIUM was found to be exploiting Exchange servers with a set of high-impact vulnerabilities–an authentication bypass and a remote ... Read More
Security Advisory Regarding PrintNightmare
PrintNightmare Summary: On June 8th, CVE-2021-1675 was patched by Microsoft and classed as a Local Privilege Escalation. However, recent research has shown that the patch was not complete, and that the vulnerability can also be exploited remotely. This means that the severity of the vulnerability is considerably higher, and that it can be ... Read More
Security Advisory Regarding F5 Vulnerabilities
Hurricane Labs is aware of the recent collection of vulnerabilities published by F5 in March 2021. The advisory acknowledges over 21 vulnerabilities in total: four critical, seven high, and ten medium CVEs. Of particular concern is CVE-2021-22986: iControl REST interface unauthenticated remote command execution. Summary of the Vulnerability: ... Read More
Security Advisory Regarding Exchange Marauder / HAFNIUM
Hurricane Labs is aware of the recent reports from Volexity and Microsoft regarding Operation Exchange Marauder. Microsoft refers to the threat actors utilizing these vulnerabilities as HAFNIUM. At the present time, Microsoft Exchange 2013 through 2019 have been confirmed to be vulnerable, while Microsoft Office 365 is not impacted. The ... Read More
The New Year in Cybersecurity: Supply Chain Attacks, Part 2
Hello there, and welcome back! If you're just now tuning in, I've decided to do a collection of blog posts on what I think are going to be major cybersecurity topics this coming year. In the first blog post, I introduced you to what a supply chain attack is, why ... Read More
The New Year in Cybersecurity: Supply Chain Attacks, Part 1
Hey there, and happy New Year. I wanted to take a moment and write about what I think the coming year is going to look like for information security professionals. This is going to be an introductory post to a multi-part series of blogs so I can talk about different ... Read More
Security Advisory Regarding SolarWinds Supply Chain Compromise
Recently, Microsoft and FireEye have announced the discovery of a new advanced threat group utilizing an IT monitoring software vendor as a means to enable access to other targets. This type of attack is referred to as a “supply chain attack” or a “watering hole attack.” What is a ... Read More
Security Advisory Regarding the Recent FireEye Breach Reports
Recently, the information security vendor FireEye has made the news as the latest victim to suffer a breach. FireEye is stating that their suite of Red Team Tools was among the assets and data that the threat actors retrieved. What is a red team? What are Red Team Tools? ... Read More

