SEARCH
Archive
Microsoft: Nation-State Actors Zero in on Critical Infrastructure, Unpatched Flaws
Nation-state actors are targeting critical infrastructure, the IT supply chain and unpatched flaws in an effort to advance evolving strategic political objectives and to reach a wider set of targets.
Microsoft Discloses Fixed Azure Cosmos DB RCE Flaw
Details have been disclosed on a remote code execution flaw in Azure Cosmos DB, which was previously fixed by Microsoft in October.
Microsoft Adds New Features to Authenticator to Prevent MFA Fatigue Attacks
Microsoft is adding number matching and geographic and app context to Authenticator to defend against MFA fatigue attacks.
Microsoft Fixes Actively Exploited Windows Privilege-Escalation Bug
Meanwhile, two exploited Exchange flaws that publicly emerged two weeks ago were not addressed in Microsoft’s update.
Attackers Exploiting Two Microsoft Exchange Zero Days
Attackers are exploiting two new Microsoft Exchange zero days ( CVE-2022-41040 and CVE-2022-41082) in the wild. Microsoft is working on a patch.