Information Security newsfeed from around the world in English and French. Find it all in one place… here.
Microsoft got an early start on Patch Tuesday, releasing a series of out-of-band security updates this week to address four zero-day vulnerabilities in Exchange Server. There’s been a lot of security activity in the news, so I’m sure it is going to be a busy Patch Tuesday. The Microsoft Security Response Center reported known attacks […]
Continue ReadingMicrosoft has revealed information on newly found malware the SolarWinds hackers deployed on victims’ networks as second-stage payloads. […] Source: leepingcomputer.com
Continue ReadingMicrosoft Edge was redesigned with Chromium in January 2020 and it’s getting better every month with new updates. Earlier this year, Microsoft announced that it’s enabling support for sleeping tabs and now Microsoft is rolling out two new features – vertical tabs and startup boost. […] Source: leepingcomputer.com
Continue ReadingMicrosoft Edge was redesigned with Chromium in January 2020 and it’s getting better every month with new updates. Earlier this year, Microsoft announced that it’s enabling support for sleeping tabs and now Microsoft is rolling out two new features – vertical tabs and startup boost. […] Source: leepingcomputer.com
Continue Reading
What happened? On March 2, 2021 several companies released reports about in-the-wild exploitation of zero-day vulnerabilities inside Microsoft Exchange Server. The following vulnerabilities allow an attacker to compromise a vulnerable Microsoft Exchange Server. As a result, an attacker will gain access to all registered email accounts, or be able to execute arbitrary code (remote code […]
Continue ReadingA researcher was able to bitsquat Microsoft’s windows.com domain by cybersquatting variations of windows.com. Adversaries can abuse this tactic to conduct automated attacks or collect data due to the nature of bit flipping. […] Source: leepingcomputer.com
Continue ReadingA working proof-of-concept (PoC) exploit is now publicly available for the critical SIGRed Windows DNS Server remote code execution (RCE) vulnerability. […] Source: leepingcomputer.com
Continue ReadingMicrosoft has shared details on Known Issue Rollback (KIR), a Windows 10 capability used to revert buggy non-security fixes delivered through Windows Update. […] Source: leepingcomputer.com
Continue ReadingBy Deeba Ahmed A bug bounty hunter has identified and reported a vulnerability that allowed an attacker to log in to any Microsoft account. This is a post from HackRead.com Read the original post: Flaw allowed bypassing verification code, log in to any Microsoft account Source: hack read com
Continue ReadingBy Deeba Ahmed Microsoft says Chinese hackers from the Hafnium group waged “limited and targeted attacks,” in which its Exchange Email servers were breached to steal data. This is a post from HackRead.com Read the original post: Hackers hit Microsoft Exchange Server to steal email data Source: hack read com
Continue Reading