The U.S. government has made public an emergency directive that it issued last week for federal agencies, ordering them to take various mitigation measures after Microsoft's compromise last year.
Microsoft has issued over 147 patches in its largest patch Tuesday release since 2017, including fixes for two actively exploited vulnerabilities.
In this week’s Memory Safe episode, Sherrod DeGrippo of Microsoft talks about her first experiences with hacker culture, why a Stanley Kubrik movie shows a glimpse of what AI is, and how she makes sure that “threat intelligence hits the right note.”
The most severe flaw stems from password requirements not being checked in some features of SAP’s NetWeaver Java User Management Engine.
The U.S. Department of Health and Human Services is warning of "sophisticated" social engineering attacks on hospital IT help desks that aim to gain access to employees' email accounts.