An attacker based in China has been compromising thousands of MS-SQL servers for nearly two years.
Two new Windows vulnerabilities related to the Adobe Type Manager library are being exploited in targeted attacks.
Microsoft has issued a security advisory warning of a vulnerability in the Microsoft Server Message Block (SMB) protocol. Until a fix is available, administrators are advised to disable SMBv3 compression on their servers.
While helping a customer deal with a state-sponsored attack group which had been stealing data and email for about eight months, Microsoft’s incident response team uncovered five other threat actors operating simultaneously on the network.
Microsoft has taken over the control infrastructure for the Necurs botnet, disrupting the operations of the notorious spam and malware-distribution network.