News
Patch Tuesday Release Includes Fix for Actively-Exploited Flaw

Microsoft released its monthly patches this week to fix 128 vulnerabilities, including 10 rated as critical, 115 as important, and three flagged as moderately severe. One of the vulnerabilities (CVE-2022-24521 Windows...

Read more
News
China-Based Ransomware Operator Exploiting Log4j Vulnerability

Microsoft has issued frequent updates on the Log4j vulnerability that we have been hearing so much about. The vulnerability is a serious problem that will become more widespread as time goes...

Read more
News
November’s Patch Tuesday Includes 55 Patches

Staying current with Microsoft’s monthly patches is challenging, yet critical for one’s cybersecurity program. This week, Microsoft’s November Patch Tuesday released 55 patches, six of which were categorized as “critical,” four...

Read more
News
Apple + Microsoft Release Patches for Identified Vulnerabilities

This week, both Apple and Microsoft issued patches to fix serious zero-day vulnerabilities that should be applied as soon as possible. That means that if you have an iPhone or iPad,...

Read more
News
Passwords Used by Iranian-Backed Hackers Against Defense Contractors

When you are educating your employees about the importance of maintaining a complex password or passphrase, share this story to show why it is so important and to emphasize not to...

Read more
News
Episode 225: Unpacking the Azure CHAOS DB Flaw with Nir Ohrfeld of Wiz

We’re joined by Nir Ohfeld of Wiz. Nir helped discover the recent CHAOS DB flaw in Azure COSMOS DB, the flagship database for Microsoft’s Azure cloud platform. The post Episode 225: Unpacking...

Read more
News
Microsoft Issues Emergency Software Update for PrintNightmare Zero Day Vulnerability

Following the release of a U.S. Cybersecurity & Infrastructure Security Agency (US-CERT)  Coordination Center VulNote “for a critical remote code execution vulnerability in the Windows Print spooler services” on June 30,...

Read more
News
Microsoft Customers Warned of Targeted Scams by NOBELLIUM

Another fall-out from the SolarWinds incident has surfaced prompting Microsoft to issue a notice to affected customers that an attacker gained access to one of its customer service agents to launch...

Read more
News
Microsoft Releases Additional Resources for Exchange Flaws and CISA Issues Alert

As we alerted our readers last week, Microsoft announced that its Exchange email servers have been compromised, which is estimated to affect at least 30,000 companies based in the United States....

Read more
News
Microsoft Urges Customers to Patch Exchange Server “Zero Day” Vulnerabilities

In a rare sharing of information about vulnerabilities in a blog post, Microsoft this week urged customers to download software patches to Microsoft Exchange Server after it detected “multiple 0-day exploits...

Read more