Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Member Portal
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Member Portal
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Cloud 101CircleEventsBlog
Master CSA’s Security, Trust, Assurance, and Risk program—download the STAR Prep Kit for essential tools to enhance your assurance!

Security Spotlight: US Government Agencies Take Action Against Exchange Vulnerabilities and Social Media Giants Leak Data

Published 05/10/2021

Home
Industry Insights
Security Spotlight: US Government Agencies Take Action Against Exchange Vulnerabilities and Social Media Giants Leak Data

This article was originally published by Bitglass here

Written by Jeff Birnbaum, Bitglass

Here are the top security stories from recent weeks.

  • FBI Removes Web Shells from Compromised Exchange Servers Without Notifying Owners
  • CISA Requires Federal Agencies to Patch Exchange Servers for Vulnerabilities Discovered by NSA by Friday April 16
  • Personal Data of 533 Million Facebook Accounts Leaked
  • National Cyberattack Affects Entire University of California System with Data Breach of Personal Information
  • 1.3 Million Clubhouse Users’ Data Posted to Hacker Forum

FBI Removes Web Shells from Compromised Exchange Servers Without Notifying Owners

In a court-approved operation, the FBI removed web shells providing remote access to Microsoft Exchange servers without first notifying the owners of the servers. The backdoors were installed by threat actors earlier in the year using a group of ProxyLogon vulnerabilities. These vulnerabilities have since been patched by Microsoft, who has also since released tools to help victims remove the web shells. The FBI states they proceeded with their operation for fear that owners of still-compromised US-based servers did not have the ability to remove the web shells themselves. A Houston court granted the FBI a search warrant for the web shell removal and allowed a delay providing notice to server owners.

CISA Requires Federal Agencies to Patch Exchange Servers for Vulnerabilities Discovered by NSA by Friday April 16

A series of vulnerabilities for Microsoft Exchange was discovered earlier by the NSA allowing remote code execution. Microsoft released a security update patching these vulnerabilities this Tuesday, and the US Cybersecurity and Infrastructure Security Agency (CISA) has required federal agencies to patch their servers by Friday. While there has not been any indication these vulnerabilities were used in any attacks, CISA requested this action to prevent another large scale attack on Exchange servers similar to the ProxyLogon vulnerability attacks.

Personal Data of 533 Million Facebook Accounts Leaked

533 million Facebook records including Facebook IDs, full names, phone numbers, birthdates, locations have been leaked online. While the data is from 2019 according to Facebook and part of a dataset already available for sale via a Telegram bot, the leaked phone numbers are particularly concerning if abused. Leaked email addresses have been loaded to Have I Been Pwned, run by security expert Troy Hunt, allowing users to check if their email was part of the leaked dataset.

National Cyberattack Affects Entire University of California System with Data Breach of Personal Information

The University of California is the latest institution affected by an earlier cyberattack on third-party vendor Accellion, which provided a file transfer service to the organization. Attackers had exploited four vulnerabilities in Accellion’s file transfer system FTA to gain personal information including phone numbers and Social Security numbers. The UC system joins other higher education institutions including Stanford University’s School of Medicine, as well as large corporations including grocery giant Kroger, as victims of the attack.

1.3 Million Clubhouse Users’ Data Posted to Hacker Forum

The personal data of 1.3 million users of Clubhouse, the iOS invite-only social media app, was posted on a hacker forum. Leaked information includes names, user IDs, photo URL, Twitter and Instagram handles, dates, and profile of who invited the member. Clubhouse, however, denies a breach or hack happened, stating the data is all public profile information available to anyone via their app or API. Security researchers noted that anyone can download Clubhouse members’ public profile information on a mass scale, raising user privacy concerns.

Cyber Incident SharingTop ThreatsVulnerabilities

Share this content on your favorite social network today!

Latest from CSA
Mark Your Calendar for Cyber Monday!
Map the Transaction Flows for Zero Trust
Advance AI Risk Management
Level up with Cloud Infrastructure Security Training
Related Articles:
CSA Community Spotlight: Nerding Out About Security with CISO Alexander Getsin

Published: 11/21/2024

A Vulnerability Management Crisis: The Issues with CVE

Published: 11/21/2024

Top Threat #5 - Third Party Tango: Dancing Around Insecure Resources

Published: 11/18/2024

The Rocky Path of Managing AI Security Risks in IT Infrastructure

Published: 11/15/2024