Hewlett Packard Enterprise also searched by Cozy Bear
Hewlett Packard Enterprise revealed in a filing that it was breached by Russian group Cozy Bear, similar to Microsoft.
Read moreMicrosoft
Russia hacks Microsoft: It’s worse than you think
Another day, another hack of Microsoft technology. Ho-hum, you might think, this has happened before and will happen again — as surely as the sun rises in the morning and sets at night.
This time is different. Because this time the targets weren’t Microsoft customers, but rather the top echelons of Microsoft itself. And the hacker group, called Midnight Blizzard, or sometimes Cozy Bear, the Dukes, or A.P.T. 29, is sponsored by Russia’s Foreign Intelligence Service (and has been since at least 2008).
Microsoft got hacked by state sponsored group it was investigating
Microsoft has acknowledged a cyberattack by Russians state sponsored group Cozy Bear who, it says, was looking how much information Microsoft holds about Cozy Bear.
Read more2024’s first Patch Tuesday steps lightly
Credit to Author: Angela Gunn| Date: Tue, 09 Jan 2024 22:03:14 +0000
Four dozen fixes and a handful of advisories make for the quietest January since 2020
Read moreFor Patch Tuesday, 48 updates, no zero-day flaws
Microsoft has eased us into the new new year with just 48 updates for the Windows, Office and .NET platforms. There were no zero-days for January, and no reports of publicly exposed vulnerabilities or exploited security issues.
Developers of complex, line-of-business applications might need to pay particular attention to how Microsoft has updated the Message Queue system. Printing has been patched and minor updates to bluetooth and Windows shell sub-systems (shortcuts and wallpaper) require some testing before deployment.
The team at Readiness has crafted a useful infographic that outlines the risks associated with each of the updates for this January release.
Patch now! First patch Tuesday of 2024 is here
Microsoft’s patch Tuesday roundup looks like a relatively quiet one. Unless your organization uses FBX files.
Read moreMicrosoft disables ms-appinstaller after malicious use
Microsoft decided to disable App Installer links by default after it noticed several access brokers using the handler to spread malware.
Read moreFor December, an exceptionally light Patch Tuesday
Over the past year, we’ve seen Microsoft make radical improvements in its browser stability and significant positive changes to its Windows update communication and telemetry strategies. And this month’s Patch Tuesday release brings with it an incredibly light set of updates — maybe the fewest number of updates I have ever seen.
There are no zero-days, which is a great finish to 2023, though Windows gets three critical updates and Visual Studio will require immediate attention due to several re-releases of past critical application patches.
The team at Readiness has created a helpful infographic to outline the risks associated with each update in this last release of 2023. One note of caution: we have seen several potential updates to older patches (October/November) potentially coming down the release pipeline from Microsoft. It might be worth checking in during the upcoming holiday break to see whether there are any out-of-band patches for the Windows ecosystem.
Microsoft patches 34 vulnerabilities, including one zero-day
Microsoft and other vendors have released their rounds of December updates on or before patch Tuesday. Update now!
Read moreFrom Microsoft to you, 33 packages
Credit to Author: Angela Gunn| Date: Tue, 12 Dec 2023 22:12:08 +0000
The lightest December Patch Tuesday in years still brings a few lumps of coal for infosec stockings
Read more