The Week In Review 12/04-16/04


More than a month has passed since the Exchange Server flaws were first revealed. Researchers have been analysing the vulnerabilities since the beginning of this saga, and new discoveries are still being made. One example is the NSA, which discovered further bugs in Exchange Server versions 2013, 2016 and 2019. Like the previously discovered vulnerabilities, if exploited they could allow remote code execution on a targeted computer.

The multinational software corporation SAP announced that it has patched a critical vulnerability tracked as CVE-2021-27602. An attacker could achieve remote code execution as an authorised user of the SAP Commerce Backoffice software, and would be able to inject malicious code into source rules using the scripting capabilities of the Rules engine.

Chrome was not spared this week either: two zero-day remote code execution vulnerabilities were confirmed. Since the start of 2021, zero-day discoveries have been multiplying for Chrome, forcing emergency patches to be rushed out for the third time already.

Last week we explained the merger of cybercriminal mafias into one big cartel. More information has emerged in the days since. Thanks to researchers, we can now see more clearly the behind-the-scenes connections between the cybercrimes that occur. Although the groups are not yet sharing any financial profit, they already share victims’ data, infrastructure, tactics, and malware efficacy.

Read about all of this and more below:

NSA says it found new critical vulnerabilities in Microsoft Exchange Server


Released: April 2021 Exchange Server Security Updates


Another Critical Vulnerability Patched in SAP Commerce


Update Your Chrome Browser to Patch 2 New In-the-Wild 0-Day Exploits


For the second time in a week, a Google Chromium zero-day released online


Ransom Mafia – Analysis of the World’s First Ransomware Cartel


How ransomware gangs are connected, sharing resources and tactics

