• Hackers are now hiding malware in Windows Event Logs
    Security researchers have noticed a malicious campaign that used Windows event logs to store malware, a technique that has not been previously documented publicly for attacks in the wild. The method enabled the threat actor behind the attack to plant fileless malware in the file system in an attack filled with techniques and modules designed […]
  • Hundreds of HP printers vulnerable to remote code execution flaws
    HP has published security advisories for three critical-severity vulnerabilities affecting hundreds of its LaserJet Pro, Pagewide Pro, OfficeJet, Enterprise, Large Format, and DeskJet printer models. The first security bulletin warns about a buffer overflow flaw that could lead to remote code execution on the affected machine. Tracked as CVE-2022-3942, the security issue was reported […]
  • German government advises against using Kaspersky antivirus
    Germany’s Federal Office for Information Security, BSI, is warning companies against using Kaspersky antivirus products due to threats made by Russia against the EU, NATO, and Germany. Kaspersky is a Moscow-based cybersecurity and antivirus provider founded in 1997, that has a long history of success, but also controversy over the company’s possible relationship with the Russian […]
  • Ubisoft confirms ‘cyber security incident’, resets staff passwords
    Video game developer Ubisoft has confirmed that it suffered a ‘cyber security incident’ that caused disruption to its games, systems, and services. The announcement comes after multiple Ubisoft users had reported issues last week accessing their Ubisoft service. Data extortion group LAPSUS$, who has claimed responsibility for hacking Samsung, NVIDIA, and Mercado Libre thus far, […]
  • Microsoft is testing ads in the Windows 11 File Explorer
    Microsoft has begun testing promotions for some of its other products in the File Explorer app on devices running its latest Windows 11 Insider build. The new Windows 11 “feature” was discovered by a Windows user and Insider MVP who shared a screenshot of an advertisement notification displayed above the listing of folders and files […]
  • Norton 360 antivirus now lets you mine Ethereum cryptocurrency
    NortonLifelock has added the ability to mine Ethereum cryptocurrency directly within its Norton 360 antivirus program as a way to “protect” users from malicious mining software. This new mining feature is called ‘Norton Crypto’ and will be rolling out tomorrow to Norton 360 users enrolled in Norton’s early adopter program. When Norton Crypto is enabled, the software […]
  • CISA gives federal agencies until Friday to patch Exchange servers
    The US Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to install newly released Microsoft Exchange security updates by Friday. Today, Microsoft released security updates for four Microsoft Exchange vulnerabilities discovered by the NSA. These Exchange vulnerabilities are capable of remote code execution, with two vulnerabilities not requiring attackers to authenticate first. While none of […]
  • NSA discovers critical Exchange Server vulnerabilities, patch now
    Microsoft today has released security updates for Exchange Server that address a set of four vulnerabilities with severity scores ranging from high to critical. All the flaws lead to remote code execution on a vulnerable machine and were discovered and reported to Microsoft by the U.S. National Security Agency (NSA). Microsoft also found some of […]
  • FBI nuked web shells from hacked Exchange Servers without telling owners
    A court-approved FBI operation was conducted to remove web shells from compromised US-based Microsoft Exchange servers without first notifying the servers’ owners. On March 2nd, Microsoft released a series of Microsoft Exchange security updates for vulnerabilities actively exploited by a hacking group known as HAFNIUM. These vulnerabilities are collectively known as ProxyLogon and were used by threat actors in January […]
  • Microsoft Exchange servers now targeted by BlackKingdom ransomware
    Another ransomware operation known as ‘BlackKingdom’ is exploiting the Microsoft Exchange Server ProxyLogon vulnerabilities to encrypt servers. Over the weekend, security researcher Marcus Hutchins, aka MalwareTechBlog, tweeted that a threat actor was compromising Microsoft Exchange servers via the ProxyLogon vulnerabilities to deploy ransomware. Based on the logs from his honeypots, Hutchins states that the threat actor used the vulnerability to execute […]
  • Researcher adds his fake package to Microsoft Azure SDK releases list
    A security researcher was able to add a counterfeit test package to the official list of Microsoft Azure SDK latest releases. The simple trick, if abused by an attacker, can give off the impression that their malicious package is part of the Azure SDK suite. New package added to Azure SDK releases page This month security […]
  • Microsoft fixes Office issue causing memory, disk space errors
    Microsoft has addressed a known issue causing memory or disk space errors when opening some documents using Microsoft Word, Microsoft Excel, or other Microsoft Office apps. This known issue only affects customers who have installed Microsoft Office apps from the Microsoft Store and are trying to open an Office document that triggers the Protected View feature. Protected View is […]
  • Expert publishes PoC exploit code for Microsoft Exchange flaws
    This week a security researcher published on GitHub a proof-of-concept tool to hack Microsoft Exchange servers chaining two of the ProxyLogon flaws. On March 2nd, Microsoft released emergency out-of-band security updates that address four zero-day issues (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065) in all supported Microsoft Exchange versions that are actively exploited in the wild. The IT […]
  • Supermicro, Pulse Secure release fixes for ‘TrickBoot’ attacks
    Supermicro and Pulse Secure have released advisories warning that some of their motherboards are vulnerable to the TrickBot malware’s UEFI firmware-infecting module, known as TrickBoot. Last year, cybersecurity firms Advanced Intelligence and Eclypsium released a joint report about a new malicious firmware-targeting ‘TrickBoot’ module delivered by the notorious TrickBot malware. When executed, the module will analyze a device’s UEFI firmware to determine […]
  • Working Windows and Linux Spectre exploits found on VirusTotal
    Working exploits targeting Linux and Windows systems not patched against a three-year-old vulnerability dubbed Spectre were found by security researcher Julien Voisin on VirusTotal. The vulnerability was unveiled as a hardware bug in January 2018 by Google Project Zero researchers. If successfully exploited on vulnerable systems, it can be used by attackers to steal sensitive […]
  • Ryuk ransomware now self-spreads to other Windows LAN devices
    A new Ryuk ransomware variant with worm-like capabilities that allow it to spread to other devices on victims’ local networks has been discovered by the French national cyber-security agency while investigating an attack in early 2021. “Through the use of scheduled tasks, the malware propagates itself – machine to machine – within the Windows domain,” […]
  • Microsoft fixes Windows 10 drive corruption bug
    Microsoft has fixed a Windows 10 bug that could cause NTFS volumes to become corrupted by merely accessing a particular path or viewing a specially crafted file. Last month, BleepingComputer reported on a new Windows bug that allows any users, including those with low privileges, to mark an NTFS volume as dirty. All a Windows […]
  • Chinese hackers used NSA exploit years before Shadow Brokers leak
    Chinese state hackers cloned and started using an NSA zero-day exploit almost three years before the Shadow Brokers hacker group publicly leaked it in April 2017. EpMe is the original exploit created by Equation Group around 2013 for a Windows zero-day bug tracked as CVE-2017-2005. The vulnerability was used for escalating Windows user privileges after gaining […]
  • Windows 10 clipboard history now lets you paste as plain text
    Microsoft has added a ‘paste as plain text’ option to the Windows 10 clipboard history in the latest Preview build available for Windows Insiders in the Dev Channel. Starting with Windows 10 Insider Preview Build 21318, users will see a new option added to the interface, which allows them to remove all formatting from clipboard […]
  • Windows 10 21H1 coming soon, here are the new features
    Earlier this week, Microsoft officially announced the Windows 10 version 21H1 update and it’ll begin rolling out to consumers in the first half of this year. Like the October 2020 Update (20H2), this new update also comes with a minimal set of features, general improvements, and bug fixes. Windows 10 version 21H1 is essentially based […]
  • The rounded corners are back: Microsoft demonstrates a new user interface
    The latest examples of the appearance of Windows 10 go back to the days of Windows 7, Vista and XP with rounded corners for windows, dialogs and pop-up menus. This customized user interface is part of the Fluent Design transformation. These are further steps in the overall evolution of the Fluent design language, which has permeated […]
  • Microsoft force installs Windows 10 update to remove Flash Player
    Microsoft is force installing a Windows 10 update that removes the embedded 32-bit version of Adobe Flash Player from the operating system. In October, we reported that Microsoft had released the KB4577586 optional update to remove the embedded 32-bit Flash Player from Windows and prevent it from being installed again. Microsoft Catalog, and once installed, could no […]
  • Microsoft confirms Windows 10 21H1 will run on existing hardware
    Microsoft has officially confirmed that Windows 10, version 21H1 will be the next Windows 10 update to be released later during the spring of 2021. Windows 10 21H1 will come with no hardware requirement changes when compared to Windows 10 20H2, the previous release, according to a blog post on the company’s official Windows Hardware […]
  • DDoS attack takes down EXMO cryptocurrency exchange servers
    The servers of British cryptocurrency exchange EXMO were taken offline temporarily after being targeted in a distributed denial-of-service (DDoS) attack. “We are currently experiencing a DDoS attack on our platform,” the exchange said in a notification published earlier today. “Please note that the EXMO exchange website is now under the DDoS attack. The servers are temporarily […]
  • Patch Windows to avoid denial of service attacks: Microsoft
    Microsoft has issued an urgent security alert advising customers to apply patches for vulnerabilities in the Windows transmission control/internet protocol (TCP/IP) networking stack, as its security researchers expect the flaws to be exploited soon. Of the three vulnerabilities, the CVE-2021-24086 flaw is easy to exploit for denial of service attacks that cause a STOP error with a […]
  • Linux systems are the target of cyberattacks
    Check Point Research has uncovered cyberattacks on Linux systems. An attacker exploits vulnerabilities in systems and tries to create a botnet using the new FreakOut malware variant, which can scan ports, gather information, eavesdrop on the network, perform DDoS attacks or flooding. The botnet could also be controlled remotely. In the event of successful misuse, […]
  • Microsoft: Windows 10 1909 reaches end of service in May
    Microsoft has reminded customers that some editions of Windows 10, version 1909 (also known as the November 2019 Update) will reach end of service in May 2021. Microsoft stops providing technical support and fixes for newly discovered issues and security vulnerabilities for all products that reach their end of service. Redmond advises customers still using end of […]
  • Microsoft warns of an increasing number of web shell attacks
    Microsoft says that the number of monthly web shell attacks has almost doubled since last year, with an average of 140,000 such malicious tools being found on compromised servers every month. Web shells are tools (scripts or programs) that threat actors deploy on hacked servers to gain and/or maintain access, as well as to remotely […]
  • Microsoft releases emergency fix for Windows 10 WiFi crashes
    Microsoft has released an emergency KB5001028 out-of-band update to fix a bug causing Windows 10 to crash when connecting to WPA3 Wi-Fi networks. According to a new support issue posted to Microsoft’s Windows Message Center, the bug was introduced in the recent Windows 10 1909 cumulative updates. Specifically, KB4598298, released on January 21, 2021, and KB4601315, […]
  • 12-year-old Windows Defender bug gives hackers admin rights
    Microsoft has fixed a privilege escalation vulnerability in Microsoft Defender Antivirus (formerly Windows Defender) that could allow attackers to gain admin rights on unpatched Windows systems. Microsoft Defender Antivirus is the default anti-malware solution on over 1 billion systems running Windows 10 according to Microsoft’s stats.

