Microsoft

Microsoft Warns of OpenVPN Vulnerabilities, Potential for Exploit Chains

Endpoint Security, Microsoft, OpenVPN, remote code execution, VPN, Vulnerabilities /

Microsoft Warns of OpenVPN Vulnerabilities, Potential for Exploit Chains 2024-08-12 at 19:01 By Ryan Naraine The vulnerabilities, patched in OpenVPN 2.6.10, expose users on the Windows platform to remote code execution attacks. The post Microsoft Warns of OpenVPN Vulnerabilities, Potential for Exploit Chains appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS […]

React to this headline:

Loading spinner

Microsoft Warns of OpenVPN Vulnerabilities, Potential for Exploit Chains Read More »

August 2024 Patch Tuesday forecast: Looking for a calm August release

Adobe, apple, Expert analysis, Google, Microsoft, Mozilla, News, opinion, Patch Tuesday, predictions, security update /

August 2024 Patch Tuesday forecast: Looking for a calm August release 2024-08-09 at 13:01 By Help Net Security July ended up being more ‘exciting’ than many of us wanted; we’re supposed to be in the height of summer vacation season. First, we had a large set of updates on Patch Tuesday, then we had to

React to this headline:

Loading spinner

August 2024 Patch Tuesday forecast: Looking for a calm August release Read More »

CrowdStrike engages external experts, details causes of massive outage

CrowdStrike, Don't miss, EFF, Endpoint Security, Hot stuff, Microsoft, News, product testing, security review /

CrowdStrike engages external experts, details causes of massive outage 2024-08-07 at 16:01 By Zeljka Zorz CrowdStrike has published a technical root cause analysis of what went wrong when a content update pushed to its Falcon sensors borked over 8.5 million Windows machines around the world on July 19, and has confirmed that it has hired

React to this headline:

Loading spinner

CrowdStrike engages external experts, details causes of massive outage Read More »

Microsoft Hits Back at Delta After the Airline Said Last Month’s Tech Outage Cost It $500 Million

CrowdStrike, Delta, Featured, Incident Response, Microsoft /

Microsoft Hits Back at Delta After the Airline Said Last Month’s Tech Outage Cost It $500 Million 2024-08-07 at 05:16 By Associated Press Microsoft is trying to determine “why other airlines were able to fully restore business operations so much faster than Delta.” The post Microsoft Hits Back at Delta After the Airline Said Last

React to this headline:

Loading spinner

Microsoft Hits Back at Delta After the Airline Said Last Month’s Tech Outage Cost It $500 Million Read More »

CrowdStrike Releases Root Cause Analysis of Falcon Sensor BSOD Crash

BSOD, CrowdStrike, disaster recovery, Falcon, Featured, Incident Response, Microsoft, Vulnerabilities, Windows /

CrowdStrike Releases Root Cause Analysis of Falcon Sensor BSOD Crash 2024-08-06 at 21:16 By Ryan Naraine CrowdStrike says the Falcon sensor crash that blue-screened Windows machines was caused by a “confluence” of vulnerabilities and testing gaps. The post CrowdStrike Releases Root Cause Analysis of Falcon Sensor BSOD Crash appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

CrowdStrike Releases Root Cause Analysis of Falcon Sensor BSOD Crash Read More »

Researchers unearth MotW bypass technique used by threat actors for years

Don't miss, Elastic, Features, malware detection, Microsoft, News, security controls, vulnerability, Windows /

Researchers unearth MotW bypass technique used by threat actors for years 2024-08-06 at 14:31 By Zeljka Zorz Threat actors have been abusing a bug in how Windows handles LNK files with non-standard target paths and internal structures to prevent in-built protections from stopping malicious payloads and trick users into running them. “We identified multiple samples

React to this headline:

Loading spinner

Researchers unearth MotW bypass technique used by threat actors for years Read More »

Microsoft Bug Bounty Payouts Increased to $16.6 Million in Past Year

bug bounty program, Microsoft, Vulnerabilities /

Microsoft Bug Bounty Payouts Increased to $16.6 Million in Past Year 2024-08-06 at 13:16 By Eduard Kovacs Microsoft paid out $16.6 million to over 340 security researchers through its bug bounty programs over the past year. The post Microsoft Bug Bounty Payouts Increased to $16.6 Million in Past Year appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Microsoft Bug Bounty Payouts Increased to $16.6 Million in Past Year Read More »

Alex Stamos Named CISO at SentinelOne

CISO, CISO Strategy, CrowdStrike, Management & Strategy, Microsoft, Nation-State, SentinelOne, Yahoo /

Alex Stamos Named CISO at SentinelOne 2024-08-01 at 19:16 By Ryan Naraine Longtime security executive Alex Stamos tapped by SentinelOne to manage its security engineering and operations teams. The post Alex Stamos Named CISO at SentinelOne appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this

React to this headline:

Loading spinner

Alex Stamos Named CISO at SentinelOne Read More »

Microsoft Says Azure Outage Caused by DDoS Attack Response

Azure, cloud security, DDoS, Featured, Microsoft, outage /

Microsoft Says Azure Outage Caused by DDoS Attack Response 2024-07-31 at 16:06 By Eduard Kovacs Microsoft’s response to a DDoS attack on Azure amplified the impact of the attack instead of mitigating it, causing outages. The post Microsoft Says Azure Outage Caused by DDoS Attack Response appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Microsoft Says Azure Outage Caused by DDoS Attack Response Read More »

Microsoft: DDoS defense error amplified attack on Azure, leading to outage

botnet, DDoS, Don't miss, Hot stuff, Microsoft, Microsoft 365, Microsoft Azure, News /

Microsoft: DDoS defense error amplified attack on Azure, leading to outage 2024-07-31 at 13:46 By Zeljka Zorz A DDoS attack that started on Tuesday has made a number of Microsoft Azure and Microsoft 365 services temporarily inaccessible, the company has confirmed. Microsoft’s mitigation statement on the Azure status history page Microsoft Azure, 365 outage triggered

React to this headline:

Loading spinner

Microsoft: DDoS defense error amplified attack on Azure, leading to outage Read More »

VMware ESXi auth bypass zero-day exploited by ransomware operators (CVE-2024-37085)

CVE, Don't miss, enterprise, Hot stuff, Microsoft, News, Ransomware, virtualization, VMWare, vulnerability /

VMware ESXi auth bypass zero-day exploited by ransomware operators (CVE-2024-37085) 2024-07-30 at 14:01 By Zeljka Zorz Ransomware operators have been leveraging CVE-2024-37085, an authentication bypass vulnerability affecting Active Directory domain-joined VMware ESXi hypervisors, to gain full administrative access to them and encrypt their file system. VMware owner Broadcom has released a fix for CVE-2024-37085 on

React to this headline:

Loading spinner

VMware ESXi auth bypass zero-day exploited by ransomware operators (CVE-2024-37085) Read More »

Microsoft Says Ransomware Gangs Exploiting Just-Patched VMware ESXi Flaw

CVE-2024-37085, Microsoft, Ransomware, VMWare, VMware ESXi, Vulnerabilities /

Microsoft Says Ransomware Gangs Exploiting Just-Patched VMware ESXi Flaw 2024-07-29 at 21:46 By Ryan Naraine VMware did not mention in-the-wild exploitation for CVE-2024-37085 but Microsoft says ransomware gangs are abusing the just-patched flaw. The post Microsoft Says Ransomware Gangs Exploiting Just-Patched VMware ESXi Flaw appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Microsoft Says Ransomware Gangs Exploiting Just-Patched VMware ESXi Flaw Read More »

Some good may come out of the CrowdStrike outage

Bitdefender, CrowdStrike, Don't miss, Endpoint Security, Fortinet, fraud, Hot stuff, Malware, Microsoft, News, SecureWorks, Trellix, UpGuard, Windows /

Some good may come out of the CrowdStrike outage 2024-07-29 at 19:31 By Zeljka Zorz Estimated financial losses due to the recent massive IT outage triggered by the faulty CrowdStrike update are counted in billions, but the unfortunate incident is having several positive effects, as well. Some silver linings As CrowdStrike was forced to explain,

React to this headline:

Loading spinner

Some good may come out of the CrowdStrike outage Read More »

CrowdStrike blames buggy testing software for disastrous update

CrowdStrike, cybersecurity, Don't miss, Hot stuff, Microsoft, News /

CrowdStrike blames buggy testing software for disastrous update 2024-07-24 at 15:32 By Zeljka Zorz A bug in the Content Validator – a software element CrowdStrike relies on for testing and validating Rapid Response Content updates for its Falcon Sensors – is (partly) why the faulty update wasn’t caught in time, the company said. In a

React to this headline:

Loading spinner

CrowdStrike blames buggy testing software for disastrous update Read More »

Microsoft releases tool to speed up recovery of systems borked by CrowdStrike update

CrowdStrike, Don't miss, Hot stuff, Microsoft, News, Orca Security, phishing, tech support scam, Trend Micro, virtualization, Windows, Windows Server /

Microsoft releases tool to speed up recovery of systems borked by CrowdStrike update 2024-07-22 at 15:16 By Zeljka Zorz By now, most people are aware of – or have been personally affected by – the largest IT outage the world have ever witnessed, courtesy of a defective update for Crowdstrike Falcon Sensors that threw Windows

React to this headline:

Loading spinner

Microsoft releases tool to speed up recovery of systems borked by CrowdStrike update Read More »

Microsoft Says 8.5 Million Windows Devices Impacted by CrowdStrike Incident, Publishes Recovery Tool

CrowdStrike, Endpoint Security, Featured, Incident Response, Microsoft, outage, tool /

Microsoft Says 8.5 Million Windows Devices Impacted by CrowdStrike Incident, Publishes Recovery Tool 2024-07-21 at 16:31 By Mike Lennon Microsoft says roughly 8.5 million Windows devices were impacted by the faulty software update from CrowdStrike, and published a tool to help admins through the recovery process. The post Microsoft Says 8.5 Million Windows Devices Impacted

React to this headline:

Loading spinner

Microsoft Says 8.5 Million Windows Devices Impacted by CrowdStrike Incident, Publishes Recovery Tool Read More »

Bad CrowdStrike Update Linked to Major IT Outages Worldwide

BSOD, buggy update, CrowdStrike, Featured, Incident Response, Microsoft /

Bad CrowdStrike Update Linked to Major IT Outages Worldwide 2024-07-19 at 14:01 By Eduard Kovacs Organizations worldwide are reporting major outages due to Windows system crashes caused by a bad CrowdStrike update. The post Bad CrowdStrike Update Linked to Major IT Outages Worldwide appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Bad CrowdStrike Update Linked to Major IT Outages Worldwide Read More »

Can AI be Meaningfully Regulated, or is Regulation a Deceitful Fudge?

AI, Artificial Intelligence, ChatGPT, Featured, generative AI, Government, Microsoft, OpenAI, Regulations /

Can AI be Meaningfully Regulated, or is Regulation a Deceitful Fudge? 2024-07-10 at 16:46 By Kevin Townsend Few people understand AI, nor how to use nor control it, nor where it is going. Yet politicians wish to regulate it. The post Can AI be Meaningfully Regulated, or is Regulation a Deceitful Fudge? appeared first on

React to this headline:

Loading spinner

Can AI be Meaningfully Regulated, or is Regulation a Deceitful Fudge? Read More »

Microsoft fixes two zero-days exploited by attackers (CVE-2024-38080, CVE-2024-38112)

0-day, Action1, Automox, CVE, Don't miss, Hot stuff, Microsoft, MS SQL Server, News, Patch Tuesday, security update, Trend Micro, virtualization, vulnerability, Windows /

Microsoft fixes two zero-days exploited by attackers (CVE-2024-38080, CVE-2024-38112) 2024-07-09 at 22:31 By Zeljka Zorz For July 2024 Patch Tuesday, Microsoft has released security updates and patches that fix 142 CVEs, including two exploited zero-days (CVE-2024-38080, CVE-2024-38112) in Windows Hyper-V and Windows MSHTML Platform (respectively). Zero-days exploited in the wild (CVE-2024-38080, CVE-2024-38112) CVE-2024-38080 is a

React to this headline:

Loading spinner

Microsoft fixes two zero-days exploited by attackers (CVE-2024-38080, CVE-2024-38112) Read More »

Microsoft Warns of Windows Hyper-V Zero-Day Being Exploited

Adobe, Hyper-V, Incident Response, Malware & Threats, Microsoft, Patch Tuesday, Vulnerabilities, Zero-Day /

Microsoft Warns of Windows Hyper-V Zero-Day Being Exploited 2024-07-09 at 22:04 By Ryan Naraine Patch Tuesday: Microsoft patches more than 140 security vulnerabilities in the Windows ecosystem, including a pair of exploited zero-days. The post Microsoft Warns of Windows Hyper-V Zero-Day Being Exploited appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Microsoft Warns of Windows Hyper-V Zero-Day Being Exploited Read More »

Scroll to Top