Microsoft Office Users Targeted in a New Zero-Day Attack

  Microsoft issued a warning to Windows users on Tuesday that attackers are actively exploiting an unpatched remote execution zero-day vulnerability in MSHTML, a proprietary browser engine for the now-discontinued Internet Explorer using weaponized MS Office documents.  Tracked as CVE-2021-40444, the vulnerability affects Windows Server 2008 through 2019 and Windows 8.1 through 10 and has […]

Continue Reading

Microsoft Links SolarWinds Serv-U SSH 0-Day Attack to a Chinese Hacking Group

  Microsoft Threat Intelligence Center has published technical facts regarding a now-patched, 0-day remote code execution exploit affecting SolarWinds Serv-U managed file transfer service software that it has attributed with “high confidence” to a hacking group functioning out of China. In early July, Microsoft Offensive Research & Security Engineering team addressed a remote code execution […]

Continue Reading

Parliamentary Panel Advises Indian Government to Ban VPN Services

  Citing the growing threat in cyberspace, the Parliamentary Standing Committee on Home Affairs has advised the Indian government to block the virtual private network VPN (apps), saying VPNs provide significant technological challenges to maintain the sovereignty of the nation.  The request from the Parliamentary Standing Committee comes as 31 Members of Parliament discovered that […]

Continue Reading