Patch it NOW: Patch Tuesday walloped us with four exciting new RCE vulnerabilities for on-prem Exchange servers. Thankfully no known exploits and Cloud servers are safe. But if you have on-premise Exchange, stop reading and get patching. Please
Patch it Now: per Malwarebytes Lab, There are active exploits 2 vulnerabilities, CVE-2021-21206 and 21220, affecting the Chrome browser but also Edge, Brave and Vivaldi. You can let Google update Chrome automagically but better to make sure it does. Based on current malware trends, there are a hella lot more browser exploits happening.
Buyer Be Wary: per Threatpost. We know a lot of nasty stuff finds its way into GooglePlay store and Google sites. ESentire wrote a report detailing a hundred thousand malicious web pages loaded with malware, awaiting victims sent there via SEO tactics, all for the sake of an invoice template.
This drive-by-download compromise is increasing, bacause it works. And given the new way or working remote, the potential for individual compromise to become corporate is definitely a concern. Case in point: a victim in FI who sought a free version of a document and trusted their search results via Google to a Google site page where threat actors took over. Given these are cybercriminals at work, their dirt RATs are all about “show me the money”.