A critical vulnerability identified as CVE-2024-21410 in Microsoft Exchange Server is currently under active exploitation, with attackers gaining the ability to hijack user accounts and achieve admin-level control. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has responded by adding this flaw, along with other Microsoft Windows bugs, to its Known Exploited Vulnerabilities catalog. Additionally, CISA has issued warnings about hackers exploiting a security flaw, CVE-2020-3259, in Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software in connection with Akira ransomware attacks. In a related cybersecurity incident, a state government organization's network was compromised through the use of credentials from a former employee's administrator account, highlighting the risks associated with inactive accounts.
CISA adds Microsoft Exchange and Cisco ASA and FTD bugs to its Known Exploited Vulnerabilities catalog: https://t.co/QpAWcxIeK9 by Security Affairs #infosec #cybersecurity #technology #news
⚠️ CISA warns of hackers exploiting a security flaw (CVE-2020-3259) in #Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software in Akira #ransomware attacks. Learn more: https://t.co/l8tqH34IrZ #cybersecurity #hacking #malware
Ex-Employee’s Admin Credentials Used in US Gov Agency Hack #cybersecurity https://t.co/BYxFvMfiQy
U.S. CISA: hackers breached a state government organization: https://t.co/KsnoFMABOR by Security Affairs #infosec #cybersecurity #technology #news
U.S. State Government Network Breached via Former Employee's Account: https://t.co/xjdarh84It by The Hacker News #infosec #cybersecurity #technology #news
Think twice before leaving old employee accounts active! CISA reports a major cyber attack on a state government organization. Attackers used leaked credentials from a former employee's administrator account to breach the network. Read: https://t.co/jFAZjA6KhN #cybersecurity
Microsoft Exchange Server Flaw Exploited as a Zero-Day Bug: https://t.co/uTtvrHfpMW by darkreading #infosec #cybersecurity #technology #news
We partnered with @CISecurity MS-ISAC to publish an advisory on on a threat actor that compromised network administrator credentials to conduct malicious activity at a state govt org. Follow our advisory for mitigations & technical details: https://t.co/O4xIuTSGOs https://t.co/KUGqCreAT3
CISA adds Microsoft Windows bugs to its Known Exploited Vulnerabilities catalog: https://t.co/a21S6ioxQY by Security Affairs #infosec #cybersecurity #technology #news
Critical Exchange Server Flaw (CVE-2024-21410) Under Active Exploitation: https://t.co/ilITSb80KG by The Hacker News #infosec #cybersecurity #technology #news
⚠️ Attention, Sysadmins! A newly discovered critical #vulnerability (CVE-2024-21410) in #Microsoft Exchange Server is currently being actively exploited. Details here → https://t.co/5M0IxD6eTX Attackers can hijack user accounts & gain admin-level control. Update ASAP!