Microsoft
16 articles tagged "Microsoft"
Microsoft March 2026 Patch Tuesday: Two Zero-Days Under Attack
Microsoft's March 2026 Patch Tuesday addresses two zero-day vulnerabilities currently being exploited by attackers. One bypasses Windows' Mark of the Web security warnings, while the other escalates privileges to SYSTEM level, creating a dangerous attack chain when combined.
Microsoft Warns of SharePoint Vulnerabilities and Mitigation Steps
Microsoft has issued critical guidance on recently identified vulnerabilities in SharePoint, urging immediate action for users and administrators alike. This follows incidents of active exploitation aimed at unauthorized system access.
CLFS Zero-Day Exploit Fuels Ransomware Operations
A newly discovered zero-day vulnerability in Windows CLFS has facilitated ransomware attacks on various sectors. Microsoft is urging organizations to apply security updates urgently.
Russian Hacking Group Targets Critical Infrastructure Across the Globe
A Russian state-sponsored hacking group, Seashell Blizzard, has launched an extensive cyber espionage campaign against critical infrastructure in the US, UK, Canada, and beyond. The operation leverages vulnerabilities in IT management software to infiltrate high-profile sectors.
Microsoft Issues Warning on Zero-Day Vulnerability in Windows 10
Microsoft has revealed a significant zero-day vulnerability in Windows 10, designated CVE-2024-43491. This flaw has the potential to reintroduce previously patched vulnerabilities, posing serious risks to users.
CISA Warns of Active Exploitation of SharePoint Vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert regarding a critical vulnerability in Microsoft SharePoint that is currently under active attack. Organizations using the affected SharePoint versions are urged to implement preventive measures immediately.
Microsoft Security Advisory on CVE-2023-35628 Released
Microsoft has released security updates addressing a critical vulnerability identified as CVE-2023-35628. This advisory outlines the details and steps for remediation.
June 2024 Cybersecurity Update: Key Vulnerabilities and Risks
The June 2024 cybersecurity update reveals critical vulnerabilities, including a powerful SSRF in Exchange OWA and other risks across various platforms. Experts emphasize the importance of timely patches to prevent exploitation.
38TB Microsoft Data Leakage Exposed by White Hat Hackers
A team of white hat hackers revealed a significant leak of 38TB of Microsoft's internal data, highlighting vulnerabilities in Azure storage protocols. This incident serves as a critical reminder for businesses regarding data security.
Microsoft Exposes Theft of Signing Key by Chinese Hackers
Microsoft detailed a substantial breach linked to Chinese hackers, revealing security oversights that led to the theft of a crucial signing key. The incident has raised concerns about network security and the implications for federal agencies.
Inside the Storm-0558 Hack: Microsoft’s MSA Key Breach Explained
Microsoft has confirmed the breach of an MSA consumer signing key by the Storm-0558 hackers, exposing vulnerabilities within its security framework. The incident raised questions about Microsoft's logging practices and response strategies.
Exploring the Journeys of Microsoft Security Researchers
Microsoft highlights the diverse stories of security researchers, showcasing their beginnings, motivations, and contributions to the cybersecurity landscape. From unique origin stories to collaborative platforms, these journeys reflect the changing dynamics of digital security.
Microsoft Discusses Steps to Mitigate China-Based Cyber Threats
Microsoft has revealed details about a China-based cyber threat actor, Storm-0558, affecting numerous organizations. The company is emphasizing cooperation and enhanced defenses.
Massive Data Leaks Raise Concerns for Companies and Users
Recent incidents highlight alarming data leaks from major companies, exposing sensitive data and raising privacy concerns. Stakeholders express outrage and demand accountability.
Nokoyawa Ransomware Exploits Zero-Day Vulnerability in Windows
An advanced cybercriminal group has leveraged a zero-day vulnerability in Microsoft Windows, specifically within the Common Log File System, to launch Nokoyawa ransomware attacks across various industries. Microsoft has since addressed the issue with a patch.
Understanding CVE-2023-28252: A New Zero-Day Threat
A new zero-day vulnerability in Windows CLFS has been identified, prompting urgent patching. Cybersecurity experts share insights on the threat and its implications.