Access Control Gap in Microsoft Active Directory Widens Enterprise Attack Surface
One researcher thinks trust is broken in AD. Microsoft disagrees that there's a security vulnerability. But enterprise IT environments should…
Fortinet: New FortiOS bug used as zero-day to attack govt networks
Unknown attackers used zero-day exploits to abuse a new FortiOS bug patched this month in attacks targeting government and large…
CISA warns of actively exploited Plex bug after LastPass breach
CISA has added an almost three-year-old high-severity remote code execution (RCE) vulnerability in the Plex Media Server to its catalog…
Microsoft testing File Explorer access keys, new VPN status icon
Microsoft has released a new Windows 11 preview build with new features such as File Explorer access keys, a new…
Old Windows ‘Mock Folders’ UAC bypass used to drop malware
A new phishing campaign targets organizations in Eastern European countries with the Remcos RAT malware with aid from an old…
Securing cloud workloads with Wazuh – an open source, SIEM and XDR platform
Wazuh is a free, open source security platform that offers Unified XDR and SIEM capabilities. Learn how Wazuh detect and…
Linux Support Expands Cyber Spy Group’s Arsenal
An infamous Chinese cyber-hacking team has extended its SysUpdate malware framework to target Linux systems.
Microsoft Exchange Online outage blocks access to mailboxes worldwide
Microsoft is investigating an ongoing outage that is blocking Exchange Online customers worldwide from accessing their mailboxes via any connection…
Iron Tiger hackers create Linux version of their custom malware
The APT27 hacking group, aka "Iron Tiger," has prepared a new Linux version of its SysUpdate custom remote access malware,…
Windows 11 KB5022905 preview update released with 13 changes
Microsoft has released the February 2023 optional cumulative updates for all editions of Windows 11 22H2 and all supported Windows…