CVE-2021-22893 allows remote code-execution (RCE) and is being used in the wild by nation-state cyberattackers to compromise VPN appliances in defense, finance and government orgs.
- Prometei Botnet Exploiting Unpatched Microsoft Exchange Servers
- New QNAP NAS Flaws Exploited In Recent Ransomware Attacks – Patch It!
- Hackers Exploit VPN to Deploy SUPERNOVA malware on SolarWinds Orion
- Researchers Find Additional Infrastructure Used By SolarWinds Hackers
- Cost of Account Unlocks, and Password Resets Add Up