Microsoft
Easily bypassed patch makes zero-click Outlook flaw exploitable again (CVE-2023-29324)
Among the vulnerabilities fixed by Microsoft on May 2023 Patch Tuesday is CVE-2023-29324, a bug in the Windows MSHTML platform that Microsoft rates as “important.” …
Microsoft fixes two actively exploited bugs, one used by BlackLotus bootkit (CVE-2023-29336, CVE-2023-24932)
For May 2023 Patch Tuesday, Microsoft has delivered fixes for 38 CVE-numbered vulnerabilities, including a patch for a Windows bug (CVE-2023-29336) and a Secure Boot bypass …
PwC partners with Microsoft and Icertis to accelerate enterprise digital transformation
PwC, Microsoft and Icertis announced a new strategic collaboration that will provide C-suites with a powerful, innovative AI-driven approach to contract management that …
Microsoft Authenticator push notifications get number matching
Microsoft has enabled number matching for Microsoft Authenticator push notifications to improve user sign-in security. Authenticator MFA number matching in action (Source: …
May 2023 Patch Tuesday forecast: Dealing with End-of-Support (EOS)
The April Patch Tuesday releases were unusual because we saw a whopping 62 vulnerabilities addressed in the Microsoft Server 2012 KBs. Granted there was a lot of overlap with …
PaperCut vulnerabilities leveraged by Clop, LockBit ransomware affiliates
Clop and LockBit ransomware affiliates are behind the recent attacks exploiting vulnerabilities in PaperCut application servers, according to Microsoft and Trend Micro …
Talon Cyber Security collaborates with Microsoft to provide ChatGPT access
Talon Cyber Security has integrated the Talon Enterprise Browser with Microsoft Azure OpenAI Service to provide enterprise-grade ChatGPT access to customers. “The productivity …
LinkedIn now allows you to verify your workplace
To combat the surge of fake LinkedIn accounts in recent years, Microsoft has introduced Entra Verified ID, a new feature that allows users to verify their workplace on the …
April 2023 Patch Tuesday forecast: The vulnerability discovery race
The answer to the question “Why does software continue to have so many vulnerabilities?” is complex, because the software itself is so complex. There’ve been many articles …
Microsoft unveils AI-powered Security Copilot analysis tool
Microsoft has unveiled Security Copilot, an AI-powered analysis tool that aims to simplify, augment and accelerate security operations (SecOps) professionals’ work. …
Microsoft announces Microsoft Incident Response Retainer
Microsoft has introduced Microsoft Incident Response Retainer, allowing customers to pre-pay and count on help from Microsoft incident responders before, during and after a …
Exchange Online will soon start blocking emails from old, vulnerable on-prem servers
Slowly but surely, Microsoft aims to make it impossible for unsupported and/or unpatched on-prem Microsoft Exchange servers to use the company’s Exchange Online hosted …
Featured news
Resources
Don't miss
- Mastering the cybersecurity tightrope of protection, detection, and response
- PRevent: Open-source tool to detect malicious code in pull requests
- Darcula allows tech-illiterate crooks to create, deploy DIY phishing kits targeting any brand
- Hackers pose as employers to steal crypto, login credentials
- Unknown and unsecured: The risks of poor asset visibility