A Year in Microsoft Bugs: The Most Critical, Overlooked & Hard to Patch
Severe flaws in Microsoft Exchange and Windows Print Spooler stood out amid a wide range of vulnerabilities security teams were…
PYSA ransomware gang is the most active group in November
PYSA and Lockbit were the most active ransomware gangs in the threat landscape in November 2021, researchers from […] The…
Microsoft Customer Source Code Exposed via Azure App Service Bug
Researchers found an insecure default behavior in Azure App Service exposing source code of some customer applications deployed using "Local…
Microsoft Azure App Service flaw exposed customer source code
A security flaw found in Azure App Service, a Microsoft-managed platform for building and hosting web apps, led to the exposure…
Preemptive Strategies to Stop Log4j and Its Variants
Zero trust is key to not falling victim to the next big vulnerability.
Microsoft warns of easy Windows domain takeover via Active Directory bugs
Microsoft warned customers today to patch two Active Directory domain service privilege escalation security flaws that, when combined, allow attackers…
FBI: State hackers exploiting new Zoho zero-day since October
The Federal Bureau of Investigation (FBI) says a zero-day vulnerability in Zoho's ManageEngine Desktop Central has been under active exploitation by state-backed hacking…
Log4j attackers switch to injecting Monero miners via RMI
Some threat actors exploiting the Apache Log4j vulnerability have switched from LDAP callback URLs to RMI or even used both…
Telecom operators targeted in recent espionage hacking campaign
Researchers have spotted a new espionage campaign targeting telecommunication and IT service providers in the Middle East and Asia. [...]
Security Experts Sound Alarm on Zero-Day in Widely Used Log4j Tool
A remote code execution vulnerability in Log4j presents a bigger threat to organizations than even the infamous 2017 Apache Struts…