Microsoft
Microsoft plugs online services account hijacking vulnerability
London-based security researcher and bug hunter Jack Whitton has discovered a serious cross-site request forgery flaw affecting Microsoft’s authentication system for …
How to block malicious macros for good?
Microsoft is finally doing something about the increasing threat of malicious macros: it has added a new feature in Office 2016 that will block macros from loading in certain …
Microsoft ends support for Windows 8, IE8 through 10: What does this mean for you?
Slowly but surely, Microsoft is pushing users towards Windows 10 and its new browser, Microsoft Edge. The way through this is by stop providing technical support and security …
Microsoft will stop trusting certificates from 20 Certificate Authorities
Starting on January 2016, Microsoft’s Trusted Root Certificate Program will no longer include twenty currently trusted CAs and will remove their root certificates …
Microsoft kills many critical flaws, some 0-days, un-trusts one wildcard cert
For this December Patch Tuesday, Microsoft has released twelve security bulletins, eight of which have been rated critical.Those refer to the cumulative security updates for …
Microsoft warns of imminent end of support for all but the latest Internet Explorer versions
Windows users who still prefer Internet Explorer to all other browsers have been urged by Microsoft to update to the latest (and last) version of the browser (v11), as the …
Windows machines stop trusting Dell’s two unconstrained root CA certs
Microsoft has updated the Certificate Trust list for all supported releases of Microsoft Windows so that the two digital certificates (complete with inadvertently disclosed …
New Dyre variant can target Windows 10 and Microsoft Edge users
As Microsoft continues to push Windows users towards adopting the latest version of the popular OS, malware authors have started adding support for it. Heimdal Security …
Microsoft’s new security posture leads to baked-in security
More than ever, Microsoft wants its products to be the first choice for enterprises, organizations, and governments. And to do that, they embedded security in the …
Microsoft wants researchers to find bugs in .NET Core and ASP.NET, will pay
Microsoft has launched another specialized bug bounty that’s set to run until January 20th, 2016.Bug hunters, who can earn between $500 and $15,000 depending on the …
Microsoft fixes critical flaws in all versions of Windows and Office
This month’s Microsoft Patch Tuesday brings fixes for 33 vulnerabilities. Nearly half of those are found in Internet Explorer, and most of them are critical as they …
Attackers take over org’s OWA server, harvest domain credentials with malicious DLL
Researchers from cyber attack detection and response outfit Cybereason have discovered a novel APT technique that was used by attackers to gain persistence in an (unnamed) …
Featured news
Resources
Don't miss
- Mastering the cybersecurity tightrope of protection, detection, and response
- PRevent: Open-source tool to detect malicious code in pull requests
- Darcula allows tech-illiterate crooks to create, deploy DIY phishing kits targeting any brand
- Hackers pose as employers to steal crypto, login credentials
- Unknown and unsecured: The risks of poor asset visibility