The Microsoft August 2023 Security Updates includes patches and advisories for 74 vulnerabilities, including 6 Critical severity issues.
CISA adds 2 Microsoft vulnerabilities to Known Exploited Vulnerabilities Catalog (to include 1 Windows zero-day)
The Cybersecurity and Infrastructure Security Agency (CISA) has added one Microsoft Exchange and one Windows zero-day vulnerability to its Known Exploited Vulnerabilities Catalog.
Cloud computing services company Rackspace has reported a security incident involving Hosted Exchange services.
Microsoft November 2022 Security Updates addresses 65 vulnerabilities (6 zero-days to include ProxyNotShell)
The Microsoft November 2022 Security Updates includes patches and advisories for 65 vulnerabilities, including 6 zero-days and 10 Critical severity issues.
The FBI, NSA and CISA coauthored a joint Cybersecurity Advisory detailing how People’s Republic of China (PRC) state-sponsored cyber actors continue to exploit common, publicly known vulnerabilities used since 2020 to “actively target U.S. and allied networks.”
Microsoft has disabled Basic authentication in Exchange Online tenants to help fight against password spray attacks. Attackers are stepping up attacks in anticipation, Microsoft warns.
The Cybersecurity and Infrastructure Security Agency (CISA) has added 3 vulnerabilities to its Known Exploited Vulnerabilities Catalog, to include Microsoft Exchange and Atlassian flaws.
Microsoft has released a new security update for two Microsoft Exchange Server zero-day vulnerabilities (CVE-2022-41040 and CVE-2022-41082) dubbed “ProxyNotShell” under limited targeted attacks in the wild.
The Microsoft March 2022 Security Updates includes patches and advisories for 71 vulnerabilities, 29 of those remote code execution flaws and three rated Critical.
The Federal Bureau of Investigation (FBI) and the U.S. Secret Service (USSS) issued a joint Cybersecurity Advisory warning of BlackByte ransomware compromising multiple entities in US critical infrastructure sectors.