SEARCH
Archive
Researchers Warn of Potential Abuse of Azure Service Tags
Tenable researchers discovered a technique for abusing Azure service tags to bypass firewall rules and Microsoft has issued new guidance for customers.
Russian Group Forest Blizzard Deploying GooseEgg Tool to Exploit CVE-2022-38028
A Russian threat group known as Forest Blizzard has been using a custom tool called GooseEgg to exploit a Windows Print Spooler (CVE-2022-38028) for several years.
CISA Emergency Directive Orders Mitigations After Microsoft Breach
The U.S. government has made public an emergency directive that it issued last week for federal agencies, ordering them to take various mitigation measures after Microsoft's compromise last year.
CSRB: Microsoft Should Refocus on Security After Cloud Intrusion
The Cyber Safety Review Board cited a string of internal failures in Microsoft's security culture as contributing factors for the 2023 compromise of more than 20 customers' cloud email inboxes by a Chinese threat group.
Microsoft Fixes Critical Windows Hyper-V Flaws
Microsoft has patched critical-severity flaws in Windows Hyper-V as part of its regularly scheduled updates, which contained no zero-day flaws this month.