Microsoft
Actively exploited zero-day in IIS 6.0 affects 60,000+ servers
Microsoft Internet Information Services (IIS) 6.0 sports a zero-day vulnerability (CVE-2017-7269) that was exploited in the wild last summer and is likely also being exploited …
March Patch Tuesday closes record number of vulnerabilities
With no February Patch Tuesday, it was to be expected that Microsoft would fix a huge number of security issues in March. They didn’t disappoint: 139 unique CVEs have …
By the end of March no one will remember that Microsoft missed a Patch Tuesday
Like the weather in Minnesota, the March Patch Forecast is unpredictable at best. Be prepared for turbulent times interspersed with moments of calm. Will March Patch Tuesday …
Google, Microsoft increase bug bounties
Bug hunters, rejoice: both Google and Microsoft have announced a considerable increase of the amount they will pay out for information about bugs in their products. Google ups …
Google releases details, PoC exploit code for IE, Edge flaw
As we’re impatiently waiting for Microsoft to patch vulnerabilities that were scheduled to be fixed in February, Google has released details about a serious …
Removing admin rights mitigates most critical Microsoft vulnerabilities
Avecto has analyzed the security bulletins Microsoft released in the past year, and came to an important conclusion: an overwhelming majority of all the critical Microsoft …
Microsoft pushes out patches for critical Flash Player vulnerabilities
Microsoft has skipped its February 2017 Patch Tuesday and postponed the release of those patches for March, but there are apparently security vulnerabilities that must be …
Microsoft postpones Patch Tuesday
Patch Tuesday is the day when most system administrators sit down and perform critical patching of the systems under their control – or at least begin testing the …
Will February’s Patch Tuesday fix a known zero-day?
Coming into Patch Tuesday we have a known zero day on the Microsoft side, and we’ve seen example code for an SMB exploit that could lead to DoS and BYOD of a system. US …
Most employees use unsanctioned group chat tools
Employees are sharing sensitive company information using group chat tools that are not officially sanctioned for use, according to SpiderOak. The survey consisted of 600 …
New year, new patches: A look back and what to expect in the future
As to be expected when ringing in a new year, there are predictions galore flooding social media and that includes the cybersecurity space. Predications are more than just …
Corporate Office 365 users hit with clever phishing attack
Corporate Office 365 users are being targeted by phishers using a clever new trick to bypass email filters and the default security protections of the Microsoft service. The …
Featured news
Sponsored
Don't miss
- Cybercriminals used a gaming engine to create undetectable malware loader
- ESET researchers analyze first UEFI bootkit for Linux systems
- QScanner: Linux command-line utility for scanning container images, conducting SCA
- Choosing the right secure messaging app for your organization
- Zero-day data security