Chinese threat actors targeting U.S. government agencies and these 4 CVEs

Chinese Ministry of State Security (MSS)-affiliated cyber threat actors are targeting U.S. government agencies, as well as exploiting four popular vulnerabilities over the past 12 months.

Continue Reading Chinese threat actors targeting U.S. government agencies and these 4 CVEs

Microsoft Exchange 2013 and newer versions vulnerable to NTLM relay attacks

Microsoft Exchange 2013 and newer versions are vulnerable to NTLM relay attacks and privileged escalation. Administrators should review and apply the necessary workarounds until a permanent patch is made available.

Continue Reading Microsoft Exchange 2013 and newer versions vulnerable to NTLM relay attacks

Microsoft May 2018 patch updates

Microsoft issued May 2018 Security Updates that include at least 68 vulnerability fixes, 21 of them rated critical. The updates address multiple Microsoft products to include Windows, Internet Explorer, Edge, Office, Office Services and Web Apps, ChakraCore, Exchange Server, Windows Host Compute Service Shim and Adobe Flash.

Continue Reading Microsoft May 2018 patch updates