Microsoft Archives - Page 3 of 12

CISA adds Critical Microsoft diagnostics tool vulnerability to Catalog of exploited vulnerabilities

Cybersecurity Attacks, Vulnerabilities & Exploits / Frank Crast / June 16, 2022 / CVE-2022-30190, Cybersecurity Threat Center, exploits, Follina, Microsoft, MSDT, RCE, Vulnerabilities

The Cybersecurity and Infrastructure Security Agency (CISA) has added one Microsoft Support Diagnostic Tool (MSDT) vulnerability CVE-2022-30190 (aka “Follina”) to its Known Exploited Vulnerabilities Catalog.

CISA adds Critical Microsoft diagnostics tool vulnerability to Catalog of exploited vulnerabilities Read More »

Microsoft June 2022 Security Updates addresses 55 vulnerabilities (3 Critical)

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / June 14, 2022 / CVE-2022-30136, CVE-2022-30139, CVE-2022-30163, Cybersecurity Threat Center, HyperV, LDAP, Microsoft, NFS, RCE, Vulnerabilities

The Microsoft June 2022 Security Updates includes patches and advisories for 55 vulnerabilities, three of those rated Critical severity.

Microsoft June 2022 Security Updates addresses 55 vulnerabilities (3 Critical) Read More »

Microsoft exposes and disables Polonium activity targeting Israeli organizations

Cloud Security, Cybersecurity Attacks / Frank Crast / June 7, 2022 / CreepyBox, CreepyDrive, CVE-2018-13379, Iran, Lebanon, Microsoft, MOIS, MSTIC, OneDrive, Polonium

Microsoft has exposed and disabled a Lebanon-based Polonium cyber activity targeting Israeli organizations.

Microsoft exposes and disables Polonium activity targeting Israeli organizations Read More »

security, professional, secret-5199239.jpg

Microsoft May 2022 Security Updates addresses 73 vulnerabilities (7 rated Critical, 1 zero-day)

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / May 11, 2022 / CVE-2022-21972, CVE-2022-22017, CVE-2022-23270, CVE-2022-26921, CVE-2022-26923, CVE-2022-26925, CVE-2022-26937, CVE-20220-29972, LSARPC, Microsoft, Windows

The Microsoft May 2022 Security Updates includes patches and advisories for 73 vulnerabilities, seven of those rated Critical severity and one zero-day flaw CVE-2022-26925.

Microsoft May 2022 Security Updates addresses 73 vulnerabilities (7 rated Critical, 1 zero-day) Read More »

Microsoft discovers Nimbuspwn Linux vulnerabilities

Vulnerabilities & Exploits / Frank Crast / April 26, 2022 / CVE-2022-29799, CVE-2022-29800, kernel, Linux, Microsoft, Nimbuspwn

Microsoft researchers have discovered a collection of Linux vulnerabilities dubbed Nimbuspwn that could lead to privilege escalation as root on Linux desktop systems.

Microsoft discovers Nimbuspwn Linux vulnerabilities Read More »

cyber security, information security, data privacy-3400657.jpg

CISA adds Critical WatchGuard and Microsoft AD flaws to Catalog of exploited vulnerabilities

Cybersecurity Attacks, Vulnerabilities & Exploits / Frank Crast / April 11, 2022 / Active Directory, CVE-2017-11317, CVE-2020-2509, CVE-2021-22600, CVE-2021-27852, CVE-2021-39793, CVE-2021-42278, CVE-2021-42287, CVE-2022-23176, Firebox, Microsoft, QNAP, WatchGuard, XTM

The Cybersecurity and Infrastructure Security Agency (CISA) has added a Critical WatchGuard and two Microsoft Active Directory flaws, along with five other vulnerabilities to its Known Exploited Vulnerabilities Catalog.

CISA adds Critical WatchGuard and Microsoft AD flaws to Catalog of exploited vulnerabilities Read More »

ACTINIUM threat actors target organizations in Ukraine

Cybersecurity Attacks, Malware / Frank Crast / February 6, 2022 / ACTINIUM, Gamaredon, malware, Microsoft, MSTIC, Ukraine

Microsoft shared new information on cyber threat group dubbed ACTINIUM (also known as Gamaredon) that has been targeting organizations in Ukraine or those related to Ukrainian affairs. The cyber activity is also tracked back to DEV-0157.

ACTINIUM threat actors target organizations in Ukraine Read More »