Microsoft
Microsoft patches Windows LSA spoofing zero-day under active attack (CVE-2022-26925)
May 2022 Patch Tuesday is here, and Microsoft has marked it by releasing fixes for 74 CVE-numbered vulnerabilities, including one zero-day under active attack (CVE-2022-26925) …
Avaya partners with Microsoft to help customers accelerate their cloud migration
Avaya and Microsoft have expanded their global partnership by pairing the Avaya OneCloud portfolio with Microsoft Azure to provide organizations with more options to increase …
May 2022 Patch Tuesday forecast: Look beyond just application and OS updates
April Patch Tuesday provided an extensive set of operating system and application updates after a few quiet months. Microsoft addressed 97 vulnerabilities in Windows 10, and …
New infosec products of the week: May 6, 2022
Here’s a look at the most interesting products from the past week, featuring releases from AuditBoard, BIO-key, Data Theorem, Enpass, Microsoft, N-able, and Uptycs. Microsoft …
Apple, Google and Microsoft expand support for FIDO Alliance’s passwordless sign-in standard
In a joint effort to make the web more secure and usable for all, Apple, Google and Microsoft announced plans to expand support for a common passwordless sign-in standard …
Microsoft announces Microsoft Defender for Business (for SMBs)
Microsoft has announced the stand-alone version of Microsoft Defender for Business, which aims to bring enterprise-grade endpoint security to SMBs, including endpoint …
Nimbuspwn bugs allow attackers to gain root privileges on some Linux machines (CVE-2022-29799, CVE-2022-29800)
Microsoft has unearthed two security vulnerabilities (CVE-2022-29799, CVE-2022-29800) in the networkd-dispatcher daemon that may be exploited by attackers to gain root on many …
Critical Microsoft RPC runtime bug: No PoC exploit yet, but patch ASAP! (CVE-2022-26809)
Three days have passed since Microsoft’s latest Patch Tuesday, and CVE-2022-26809 has emerged as the vulnerability with the most exploitation potential. It’s easy …
Microsoft fixes actively exploited zero-day reported by the NSA (CVE-2022-24521)
On this April 2022 Patch Tuesday, Microsoft has released patches for 128 CVE-numbered vulnerabilities, including one zero-day exploited in the wild (CVE-2022-24521) and …
Sandworm hackers tried (and failed) to disrupt Ukraine’s power grid
The Computer Emergency Response Team of Ukraine (CERT-UA), with the help of ESET and Microsoft security experts, has thwarted a cyber attack by the Sandworm hackers, who tried …
Windows Autopatch: Managed enterprise patching for Windows and Office
While IT administrators are mentally preparing themselves for yet another Patch Tuesday, Microsoft has announced Windows Autopatch: a new service that aims make the second …
April 2022 Patch Tuesday forecast: Spring is in the air (and vulnerable)
March Patch Tuesday releases followed in the footsteps of February with low numbers of CVEs reported and resolved, and all updates rated as important except one critical …
Featured news
Sponsored
Don't miss
- Void Banshee APT exploited “lingering Windows relic” in zero-day attacks
- SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts
- ChatGPTriage: How can CISOs see and control employees’ AI use?
- Managing exam pressure: Tips for certification preparation
- Firmware update hides Bluetooth fingerprints