Microsoft patches 62 vulnerabilities, including Kerberos, and Mark of the Web, and Exchange…sort of
Credit to Author: Matt Wixey| Date: Tue, 08 Nov 2022 18:05:18 +0000
Still no fix for ProxyNotShell, but two MOTW bypasses get squashed
Read moreMicrosoft
Stopping C2 communications in human-operated ransomware through network protection
Credit to Author: Katie McCafferty| Date: Thu, 03 Nov 2022 16:00:00 +0000
Providing advanced protection against increasingly sophisticated human-operated ransomware, Microsoft Defender for Endpoint’s network protection leverages threat intelligence and machine learning to block command-and-control (C2) communications.
The post Stopping C2 communications in human-operated ransomware through network protection appeared first on Microsoft Security Blog.
Read moreDEV-0832 (Vice Society) opportunistic ransomware campaigns impacting US education sector
Credit to Author: Katie McCafferty| Date: Tue, 25 Oct 2022 16:00:00 +0000
In recent months, Microsoft has detected active ransomware and extortion campaigns impacting the global education sector, particularly in the US, by a threat actor we track as DEV-0832, also known as Vice Society.
The post DEV-0832 (Vice Society) opportunistic ransomware campaigns impacting US education sector appeared first on Microsoft Security Blog.
Read moreA week in security (October 17 – 23)
Categories: News Tags: week in security Tags: awis Tags: typosquatting Tags: cyberstalking Tags: Snapchat Tags: student loan relief scam Tags: Gas Tags: LAPSUS$ Tags: Microsoft Tags: Ducktail Tags: Venus Tags: ransomware Tags: BYOD Tags: SMB security tips Tags: Log4Text Tags: DeadBolt Tags: spot a scam Tags: FaceStealer Tags: fake tractor fraud Tags: ThermoSecure The most important and interesting computer security stories from the last week. |
The post A week in security (October 17 – 23) appeared first on Malwarebytes Labs.
Read moreMicrosoft breach reveals some customer data
Categories: News Tags: Microsoft Tags: breach Tags: data Tags: exposed Tags: exposure Tags: endpoint We take a look at word of accidental data exposure leading to a reveal of Microsoft customer data. |
The post Microsoft breach reveals some customer data appeared first on Malwarebytes Labs.
Read moreMicrosoft fixes driver blocklist placing users at risk from BYOVD attacks
Categories: News Tags: BYOVD Tags: bring your own vulnerable driver Tags: blocklist Tags: microsoft Tags: windows updates We take a look at reports that Microsoft’s driver blocklist hadn’t been updated for three years, leaving people at risk from BYOVD attacks. |
The post Microsoft fixes driver blocklist placing users at risk from BYOVD attacks appeared first on Malwarebytes Labs.
Read moreS3 Ep105: WONTFIX! The MS Office cryptofail that “isn’t a security flaw” [Audio + Text]
Credit to Author: Paul Ducklin| Date: Thu, 20 Oct 2022 16:54:12 +0000
The coolest video game ever! And lots of solid cybersecurity advice – listen now!
Read moreZero-day flaws mean it's time to patch Exchange and Windows
This month’s Patch Tuesday update from Microsoft deals with 84 flaws and a zero-day affecting Microsoft Exchange that at the moment remains unresolved. The Windows updates focus on Microsoft security and networking components with a difficult-to-test update to COM and OLE db. And Microsoft browsers get 18 updates—nothing critical or urgent.
Zero-days flaws mean it's time to patch Exchange and Windows
This month’s Patch Tuesday update from Microsoft deals with 84 flaws and a zero-day affecting Microsoft Exchange that at the moment remains unresolved. The Windows updates focus on Microsoft security and networking components with a difficult-to-test update to COM and OLE db. And Microsoft browsers get 18 updates—nothing critical or urgent.
Serious Security: Microsoft Office 365 attacked over feeble encryption
Credit to Author: Paul Ducklin| Date: Fri, 14 Oct 2022 16:59:25 +0000
How 2022 is your encryption?
Read more