The vulnerability was identified and fixed in 2013 but in 2014 Microsoft revised the fix allowing Malsmoke hackers in 2022 to spread...
Microsoft is warning of continuing attempts by nation-state adversaries and commodity attackers to take advantage of security vulnerabilities uncovered in the Log4j...
The patch was issued for CVE-2021-40444 to prevent the execution of code that downloaded the Microsoft Cabinet (CAB) archive containing a malicious...
Malicious actors are deploying a previously undiscovered binary, an Internet Information Services (IIS) webserver module dubbed “Owowa,” on Microsoft Exchange Outlook Web...
Microsoft has rolled out Patch Tuesday updates to address multiple security vulnerabilities in Windows and other software, including one actively exploited flaw...
Infection chains associated with the multi-purpose Qakbot malware have been broken down into “distinct building blocks,” an effort that Microsoft said will...
The malware is dubbed CrypBot is essentially an information stealer that can obtain credentials for cryptocurrency wallets, browsers, credit cards, browser cookies,...
Dubbed Nickel by Microsoft; the group of Chinese hackers was actively using the websites for intelligence gathering from thanks tanks, human rights...
Nobelium, the threat actor attributed to the massive SolarWinds supply chain compromise, has been once again linked to a series of attacks...
Microsoft on Monday announced the seizure of 42 domains used by a China-based cyber espionage group that set its sights on organizations...
According to Cisco Talos, abusing the flaw would allow an attacker with limited access to get higher privileges and become an administrator....
The noteworthy aspect of this phishing campaign is that the emails were sent as replies to previously sent messages, due to which...
Unofficial patches have been issued to remediate an improperly patched Windows security vulnerability that could allow information disclosure and local privilege escalation...
The ProxyShell vulnerabilities have prompted threat actors to launch domain-wide ransomware attacks against their targets, revealed a new research report from The...
Microsoft recently discovered a critical security vulnerability in macOS, which as per Microsoft 365 Defender Research team’s researcher Jonathan Bar-Or, could have...
The prime target of this malware campaign is unsuspecting users on Windows 10. Rapid7 Managed Detection and Response team has shared details...
Microsoft on Thursday disclosed details of a new vulnerability that could allow an attacker to bypass security restrictions in macOS and take...
Microsoft on Thursday disclosed an “extensive series of credential phishing campaigns” that takes advantage of a custom phishing kit that stitched together...
A newly identified rootkit has been found with a valid digital signature issued by Microsoft that’s used to proxy traffic to internet...
An emerging threat actor likely supporting Iranian national interests has been behind a password spraying campaign targeting US, EU, and Israeli defense...
Google holds the top slot with over 547 vulnerabilities, Microsoft is on number two with 432 unwanted exposure instances and Oracle is...