From an attacker’s perspective, the wider the net cast, the more number of potential victims caught. So it’s no surprise that Recorded Future research indicates attackers continue to rely heavily on exploits targeting Microsoft applications.
There is bipartisan consensus in Congress that a federal data privacy law is necessary. Public policy experts from Google, Microsoft, and Twitter discussed the issues lawmakers will need to address to craft meaningful privacy regulation at a panel at RSA Conference.
A privilege escalation attack that is the combination of known issues and weaknesses with Microsoft Exchange will let users become Domain Administrators. No compromised credentials required.
Even with a regular software update cadence, some vulnerabilities are serious enough to warrant an emergency fix. Microsoft has released an out-of-band update addressing a remote code execution flaw in Internet Explorer.
A trio of problems caused by a software update in some of Microsoft's data centers led to a service outage for customers of the Microsoft Entra ID MFA service last week.