Microsoft
Microsoft to patch three critical issues
December’s advanced Patch Tuesday brings us seven advisories, three of which are listed as Critical. The Critical issues affect, Internet Explorer, all supported …
IE “Unicorn” bug actively exploited in the wild
Last week, in its regular Patch Tuesday, Microsoft patched a number of serious vulnerabilities, including one that is nearly two decades old, dating back to Microsoft IE 3.0. …
Windows Kerberos bug: How to detect signs of exploitation before the update?
Microsoft has shared more details about the critical elevation of privilege bug found in Microsoft Windows Kerberos Key Distribution Center (CVE-2014-6324) which is being …
Microsoft open sources .NET server stack
Microsoft open sourced the full server-side .NET stack and expanded .NET to run on the Linux and Mac OS platforms. The company also released Visual Studio Community 2013, a …
Microsoft patches Windows, IE, Word, SharePoint and IIS
This month Microsoft is publishing 14 bulletins with new versions and patches for its software, operating systems and applications. This is one fewer bulletin than Microsoft …
Windows 0-day exploited in ongoing attacks, temporary workarounds offered
Microsoft is warning users about a new Windows zero-day vulnerability that is being actively exploited in the wild and is primarily a risk to users on servers and workstations …
China executes MITM attack against iCloud and Microsoft account holders
China-based Internet users are in danger of getting their iCloud and Windows Live accounts hijacked and all the information in them slurped up by the Chinese authorities, web …
Microsoft patches two more 0-days actively used by attackers
With this month’s Patch Tuesday, Microsoft has provided patches for several critical vulnerabilities that allow remote code execution, some of which have been or are …
Microsoft patches SandWorm 0-day
Microsoft is back in fine form this month with eight upcoming advisories affecting Internet Explorer, the entire Microsoft range of supported operating systems, plus Office, …
Windows 10 will not come with built-in keylogging capabilities
In case you missed it, a big fuss has been raised about the keylogging and other “spying” capabilities of the recently released Technical Preview version of …
Researchers test EMET 5 protections, find them wanting
Microsoft’s Enhanced Mitigation Experience Toolkit (EMET) has once again failed to stop an attack mounted by researchers working with Offensive Security, the company …
Microsoft launches bug bounty program for Online Services
Microsoft has launched another bug bounty program, and this one will focus on its Online Services. Bug hunters are urged to submit vulnerabilities affecting the following …
Featured news
Resources
Don't miss
- Mastering the cybersecurity tightrope of protection, detection, and response
- PRevent: Open-source tool to detect malicious code in pull requests
- Darcula allows tech-illiterate crooks to create, deploy DIY phishing kits targeting any brand
- Hackers pose as employers to steal crypto, login credentials
- Unknown and unsecured: The risks of poor asset visibility