Security news that informs and inspires

Archive

168 results for tag Microsoft:

Russian Group Forest Blizzard Deploying GooseEgg Tool to Exploit CVE-2022-38028

A Russian threat group known as Forest Blizzard has been using a custom tool called GooseEgg to exploit a Windows Print Spooler (CVE-2022-38028) for several years.

Microsoft, Russia

CISA Emergency Directive Orders Mitigations After Microsoft Breach

The U.S. government has made public an emergency directive that it issued last week for federal agencies, ordering them to take various mitigation measures after Microsoft's compromise last year.

Microsoft

CSRB: Microsoft Should Refocus on Security After Cloud Intrusion

The Cyber Safety Review Board cited a string of internal failures in Microsoft's security culture as contributing factors for the 2023 compromise of more than 20 customers' cloud email inboxes by a Chinese threat group.

Microsoft, China

Microsoft Fixes Critical Windows Hyper-V Flaws

Microsoft has patched critical-severity flaws in Windows Hyper-V as part of its regularly scheduled updates, which contained no zero-day flaws this month.

Microsoft

Microsoft Says Russian APT29 Accessed Source Code, Other Secrets

The Russian threat group known as Midnight Blizzard and APT29 gained access to some Microsoft source code repositories and other sensitive data, the company said.

Russia, Microsoft