Security
Headlines
HeadlinesLatestCVEs

Tag

#microsoft

CVE-2023-33307: Fortiguard

A null pointer dereference in Fortinet FortiOS before 7.2.5 and before 7.0.11, FortiProxy before 7.2.3 and before 7.0.9 allows attacker to denial of sslvpn service via specifically crafted request in network parameter.

CVE
#vulnerability#web#ios#microsoft#botnet#zero_day#ssl
レイヤー7の分散型サービス拒否 (DDoS) 攻撃に対するマイクロソフトの対応について

本ブログは、Microsoft Response to Layer 7 Distributed Denial of Service (DDoS) Attacks の抄訳版です。最新の情報は原文を参照してください。

Microsoft Response to Layer 7 Distributed Denial of Service (DDoS) Attacks

Summary Summary Beginning in early June 2023, Microsoft identified surges in traffic against some services that temporarily impacted availability. Microsoft promptly opened an investigation and subsequently began tracking ongoing DDoS activity by the threat actor that Microsoft tracks as Storm-1359. These attacks likely rely on access to multiple virtual private servers (VPS) in conjunction with rented cloud infrastructure, open proxies, and DDoS tools.

Microsoft Response to Layer 7 Distributed Denial of Service (DDoS) Attacks

Summary Summary Beginning in early June 2023, Microsoft identified surges in traffic against some services that temporarily impacted availability. Microsoft promptly opened an investigation and subsequently began tracking ongoing DDoS activity by the threat actor that Microsoft tracks as Storm-1359. These attacks likely rely on access to multiple virtual private servers (VPS) in conjunction with rented cloud infrastructure, open proxies, and DDoS tools.

Third Flaw Uncovered in MOVEit Transfer App Amidst Cl0p Ransomware Mass Attack

Progress Software on Thursday disclosed a third vulnerability impacting its MOVEit Transfer application, as the Cl0p cybercrime gang deployed extortion tactics against affected companies. The new flaw, which is yet to be assigned a CVE identifier, also concerns an SQL injection vulnerability that "could lead to escalated privileges and potential unauthorized access to the environment." The

CVE-2023-32027

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

CVE-2023-32026

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

CVE-2023-29356

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

CVE-2023-29349

Microsoft ODBC and OLE DB Remote Code Execution Vulnerability

CVE-2023-32025

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability