Microsoft has released new Zero Trust guidance for Azure Active Directory (Azure AD). The guidance is part of a broader "Zero Trust Security Strategy" to help organizations provide more secure access to corporate resources.
Organizations that are running Pulse Security VPN devices may still be at risk of being exploited, even if previously patched, according to a new Department of Homeland Security (DHS) advisory. The risk is elevated if an actor previously exploited CVE-2019-11510 and stole AD credentials from the victim organization.
Samba has released software updates for three security vulnerabilities that impact Samba products. A remote attacker could take advantage of these bugs and exploit unpatched systems.
Samba has released a software update and patches for three security vulnerabilities that impact Samba products. A remote attacker could take advantage of these bugs and exploit unpatched systems.
Microsoft issued the August 2019 Security Updates on Tuesday that include 93 unique vulnerability fixes, 29 of those rated critical. In addition, two of the patches address two critical Remote Code Execution (RCE) "wormable" vulnerabilities (CVE-2019-1181 and CVE-2019-1182) in Remote Desktop Services.
Security researchers have spotted QakBot malware used to lockout hundreds to thousands of Active Directory (AD) accounts across a number of enterprises.