Active Directory

Microsoft October 2022 Security Updates addresses 84 vulnerabilities (13 rated Critical, 2 zero-days)

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / / / , , , , , , , , , , , , , , , , , , , , , , , , ,

The Microsoft October 2022 Security Updates includes patches and advisories for 84 vulnerabilities, including 2 zero-day and 13 Critical severity issues. However, the ProxyNotShell vulnerabilities were not addressed.

Microsoft October 2022 Security Updates addresses 84 vulnerabilities (13 rated Critical, 2 zero-days) Read More »

CISA adds 7 vulnerabilities to Known Exploited Vulnerabilities Catalog

Cybersecurity Attacks, Vulnerabilities & Exploits / / / , , , , , , , , , , , , , ,

The Cybersecurity and Infrastructure Security Agency (CISA) has added seven vulnerabilities to its Known Exploited Vulnerabilities Catalog, to include Apple (2), Microsoft (2), SAP, Google Chrome, and Palo Alto Networks.

CISA adds 7 vulnerabilities to Known Exploited Vulnerabilities Catalog Read More »

Samba patches 5 vulnerabilities, 1 rated High severity (CVE-2022-32744)

Security Updates & Patches, Vulnerabilities & Exploits / / / , , , , ,

Samba has released software updates to fix five vulnerabilities in multiple Samba software products. One of the fixed issues could allow Samba AD users to forge password change requests for any user.

Samba patches 5 vulnerabilities, 1 rated High severity (CVE-2022-32744) Read More »

cyber security, information security, data privacy-3400657.jpg

CISA adds Critical WatchGuard and Microsoft AD flaws to Catalog of exploited vulnerabilities

Cybersecurity Attacks, Vulnerabilities & Exploits / / / , , , , , , , , , , , , ,

The Cybersecurity and Infrastructure Security Agency (CISA) has added a Critical WatchGuard and two Microsoft Active Directory flaws, along with five other vulnerabilities to its Known Exploited Vulnerabilities Catalog.

CISA adds Critical WatchGuard and Microsoft AD flaws to Catalog of exploited vulnerabilities Read More »

Nobelium targets CSPs, MSPs and IT organizations to launch broader attacks

Cybersecurity Attacks, Third-Party Security / / / , , , , , ,

Microsoft has released a new report on Nobelium that has been targeting cloud service providers (CSPs), managed service providers (MSPs) and other IT organizations in order to launch broader attacks against customers they serve.

Nobelium targets CSPs, MSPs and IT organizations to launch broader attacks Read More »

Samba fixes two High severity bugs (CVE-2020-27840 and CVE-2021-20277)

Messaging Security, Security Updates & Patches, Vulnerabilities & Exploits / / / , , , , , ,

Samba has released software updates to fix two High severity security vulnerabilities (CVE-2020-27840 and CVE-2021-20277) that impact Samba products. A remote attacker could take advantage of these bugs and exploit unpatched systems.

Samba fixes two High severity bugs (CVE-2020-27840 and CVE-2021-20277) Read More »

FireEye publishes Microsoft 365 tools and hardening strategies to defend against SolarWinds attackers

Cloud Security, Cybersecurity Attacks, Security Monitoring / / / , , ,

Security firm FireEye has published new Microsoft 365 tools and hardening strategies to defend against SolarWinds attackers, also known as UNC2452.

FireEye publishes Microsoft 365 tools and hardening strategies to defend against SolarWinds attackers Read More »

TrickBot trojan updates propagation module with nworm to evade detection

Malware / / / , , , , , , ,

TrickBot recently replaced one of its propagation modules “mworm” with new module named “nworm.” The updated module can exploit vulnerable domain controllers (DCs) and evade detection by running in memory.

TrickBot trojan updates propagation module with nworm to evade detection Read More »

  1. Pages:
  2. 1
  3. 2