Security news that informs and inspires

Archive

169 results for tag Microsoft:

Attackers Exploiting Two Microsoft Exchange Zero Days

Attackers are exploiting two new Microsoft Exchange zero days ( CVE-2022-41040 and CVE-2022-41082) in the wild. Microsoft is working on a patch.

Microsoft, Zero Day

Lazarus Group Affiliate Uses Trojanized Open Source Apps in New Campaigns

Zinc, a Lazarus group offshoot, is using trojanized versions of open source apps such as KiTTY and PuTTY in a new phishing campaign.

North Korea, Microsoft

Microsoft Fixes Exploited Windows Bug

The vulnerability in the Windows Common Log File system could allow an authenticated attacker to execute code with elevated privileges.

Microsoft, Patch Tuesday

Microsoft Discloses Previously Fixed Azure Synapse Bug

Microsoft quietly fixed the elevation of privilege flaw in June.

Microsoft, Azure

Russian APT Targets Microsoft 365 Features to Muddle Detection

APT29, the threat actor linked to the SolarWinds hack, is abusing various Azure features in recent attacks against organizations that influence the foreign policy of NATO countries.

Solarwinds, Microsoft