# SANS ISC

# threatpost.com

# Reddit netsec

# Krebs On Security

  • At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft’s Email Software Fri, 05 Mar 2021 21:07:07 +0000
    At least 30,000 organizations across the United States -- including a significant number of small businesses, towns, cities and local governments -- have over the past few days been hacked by an unusually aggressive Chinese cyber espionage unit that's focused on stealing email from victim organizations, multiple sources tell KrebsOnSecurity. The espionage group is exploiting four newly-discovered flaws in Microsoft Exchange Server email software, and has seeded hundreds of thousands of victim organizations worldwide with tools that give the attackers total, remote control over affected systems.
  • Three Top Russian Cybercrime Forums Hacked Thu, 04 Mar 2021 15:01:59 +0000
    Over the past few weeks, three of the longest running and most venerated Russian-language online forums serving thousands of experienced cybercriminals have been hacked. In two of the intrusions, the attackers made off with the forums' user databases, including email and Internet addresses and hashed passwords.
  • Microsoft: Chinese Cyberspies Used 4 Exchange Server Flaws to Plunder Emails Tue, 02 Mar 2021 21:19:17 +0000
    Microsoft Corp. today released software updates to plug four critical security holes that attackers have been using to plunder email communications at companies that use its Exchange Server products. The company says all four flaws are being actively exploited as part of a complex attack chain deployed by a previously unidentified Chinese cyber espionage group.

# Bruce Schneier's blog

# TWITTER

?>

# WIRED Threat Level

# exploit-db.com

# Securiteam

?>