{"uuid": "de370344-194a-4870-ae4d-154a0a3d2a47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-35211", "type": "seen", "source": "https://t.me/auraxchan/14575", "content": "\u201eMicrosoft has revealed that a new SolarWinds cyber-attack was operated by a group of hackers from China.\n\nA Microsoft Threat Intelligence Centre (MSTIC) team detected a zero-day remote code execution exploit, being used to attack SolarWinds Serv-U FTP software in limited and targeted attacks.\n\n\u201cMSTIC attributes this campaign with high confidence to DEV-0322, a group operating out of China, based on observed victimology, tactics, and procedures,\u201d the company said in an update on Wednesday.\nThe zero-day attack was first spotted in a routine Microsoft 365 Defender scan.\n\n\u201cThe vulnerability being exploited is CVE-2021-35211, which was recently patched by SolarWinds. We strongly urge all customers to update their instances of Serv-U to the latest available version,\u201d Microsoft advised.\u201c\n\n@auraxchan\nhttps://kalingatv.com/technology/solar-winds-cyber-attack-was-operated-by-chinese-hackers-mstic/", "creation_timestamp": "2021-07-17T01:56:47.000000Z"}