Microsoft has warned that Nobelium threat actors are using a new backdoor malware dubbed FoggWeb to target Active Directory Federation Services (AD FS) servers.
Microsoft has published new guidance on Open Management Infrastructure (OMI) vulnerabilities within Azure virtual management (VM) Management extensions.
Microsoft has warned of active exploits in the wild for an MSHTML RCE Vulnerability (CVE-2021-40444). The tech giant also released workarounds for the threat until a permanent fix is released.
Cyberattackers are scanning and exploiting ProxyShell vulnerabilities on unpatched Microsoft Exchange servers.
Microsoft has released the August 2021 Security updates that includes patches for 49 vulnerabilities, 7 of those rated Critical. The updates also include fixes for 3 zero-day bugs exploited in the wild.
Researchers have discovered a new malware campaign that bypasses Microsoft Office malware-protections to deliver a new variant of the Zloader trojan.
The U.S. Justice Department has announced the seizure of domains used in Nobelium spear-phishing attacks previously identified by Microsoft last week.
The Microsoft Threat Intelligence Center (MSTIC) has uncovered a "sophisticated email-based attack" operated by NOBELIUM, as part of a wide-scale malicious email campaign.
Microsoft has released the May 2021 Security updates that includes patches for 55 vulnerabilities, 4 of those rated Critical. The updates also include fixes for 3 zero-day flaws.
Security researchers from Microsoft have discovered a collection of vulnerabilities dubbed "BadAlloc" that affect a broad range of IoT and OT devices in industrial, medical and consumer sectors.