Authorities remove web shells from compromised Exchange servers

Law enforcement steps in to thwart attacks leveraging the recently-disclosed Microsoft Exchange Server vulnerabilities. The United States’ Federal Bureau of Investigation (FBI) has carried out a court-approved operation to “copy and remove” malicious web shells from hundreds of systems across the US that were compromised through the mass exploitation of zero-day flaws in Microsoft Exchange … More Authorities remove web shells from compromised Exchange servers

Google fixes Chrome zero‑day bug exploited in the wild

The latest update patches a total of five vulnerabilities affecting the browser’s desktop versions. Google has rolled out an update for its Chrome web browser that fixes five security flaws, including a zero-day vulnerability that is known to be actively exploited by malicious actors. The bugs affect the Windows, macOS, and Linux versions of the … More Google fixes Chrome zero‑day bug exploited in the wild

Microsoft patches actively exploited Windows kernel flaw

This month’s relatively humble bundle of security updates fixes 56 vulnerabilities, including a zero-day bug and 11 flaws rated as critical. Yesterday was the second Tuesday of the month, which means that Microsoft is rolling out patches for security vulnerabilities found in Windows and its other products. This year’s second batch of security updates brings … More Microsoft patches actively exploited Windows kernel flaw