News from the different realms of Cybersecurity
Google responds quick to the actively exploited Chrome zero day bug to shutdown the cyberattacks observed from two threat groups in North Korea.
BleepingComputer – “Emergency Google Chrome update fixes zero-day used in attacks” : https://www.bleepingcomputer.com/news/security/emergency-google-chrome-update-fixes-zero-day-used-in-attacks/
New Law in China Requires Researchers to Report All Zero-Day Bugs to Government
— Read on thehackernews.com/2021/07/chinas-new-law-requires-researchers-to.html
“Hackers used SolarWinds zero-day bug to target US Defense orgs” via Lawrence Abrams | Bleeping Computer
“China-based hackers actively target US defense and software companies using a vulnerability in the SolarWinds Serv-U FTP server.
Today, SolarWinds released a security update for a zero-day vulnerability in Serv-U FTP servers that allow remote code execution when SSH is enabled.
According to SolarWinds, this vulnerability was disclosed to Microsoft, who saw a threat actor actively exploiting the vulnerability to execute commands on vulnerable customer’s devices.”
More detail: https://www.bleepingcomputer.com/news/microsoft/hackers-used-solarwinds-zero-day-bug-to-target-us-defense-orgs/
Cybersecurity Today