#microsoft

CVE-2022-4009: Security Advisory 2023-05

In affected versions of Octopus Deploy it is possible for a user to introduce code via offline package creation

2 years ago

#vulnerability #windows #microsoft #linux

Threat Advisory: Microsoft Outlook privilege escalation vulnerability being exploited in the wild

Cisco Talos is urging all users to update Microsoft Outlook after the discovery of a critical vulnerability, CVE-2023-23397, in the email client that attackers are actively exploiting in the wild.

2 years ago

TALOS

Open in Source

#vulnerability #web #ios #android #mac #windows #microsoft #cisco #samba #auth

CVE-2023-24468: Advanced Authentication 6.4 Service Pack 1 Patch 1 Release Notes

Broken access control in Advanced Authentication versions prior to 6.4.1.1 and 6.3.7.2

2 years ago

CVE

Open in Source

#web #ios #android #mac #windows #google #microsoft #linux #auth #chrome #firefox

Hornetsecurity Launches VM Backup V9

Hornetsecurity research highlights that more than 1 in 4 companies have fallen victim to ransomware attacks, with 14.1% losing data and 6.6% paying a ransom.

2 years ago

DARKReading

Open in Source

#mac #microsoft #amazon #git #vmware

Telerik Bug Exploited to Steal Federal Agency Data, CISA Warns

An unpatched Microsoft Web server allowed multiple cybersecurity threat groups to steal data from a federal civilian executive branch.

2 years ago

DARKReading

Open in Source

#vulnerability #web #microsoft #asp.net

Microsoft Patch Tuesday, March 2023 Edition

Microsoft on Tuesday released updates to quash at least 74 security bugs in its Windows operating systems and software. Two of those flaws are already being actively attacked, including an especially severe weakness in Microsoft Outlook that can be exploited without any user interaction.

2 years ago

Krebs on Security

Open in Source

#vulnerability #web #windows #microsoft #auth #zero_day #blog

Tick APT Targeted High-Value Customers of East Asian Data-Loss Prevention Company

A cyberespionage actor known as Tick has been attributed with high confidence to a compromise of an East Asian data-loss prevention (DLP) company that caters to government and military entities. "The attackers compromised the DLP company's internal update servers to deliver malware inside the software developer's network, and trojanized installers of legitimate tools used by the company, which

2 years ago

The Hacker News

Open in Source

#web #microsoft #git #backdoor #zero_day #The Hacker News

Microsoft Rolls Out Patches for 80 New Security Flaws — Two Under Active Attack

Microsoft's Patch Tuesday update for March 2023 is rolling out with remediations for a set of 80 security flaws, two of which have come under active exploitation in the wild. Eight of the 80 bugs are rated Critical, 71 are rated Important, and one is rated Moderate in severity. The updates are in addition to 29 flaws the tech giant fixed in its Chromium-based Edge browser in recent weeks. The

Update now! Microsoft fixes two zero-day bugs

Categories: Exploits and vulnerabilities Categories: News Tags: patch Tuesday Tags: March Tags: 2023 Tags: Microsoft Tags: Adobe Tags: Fortinet Tags: Android Tags: SAP Tags: CVE-2023-23397 Tags: CVE-2023-24880 Tags: CVE-2023-26360 Tags: CVE-2022-41328 This Patch Tuesday, Microsoft has released fixes for two actively exploited zero-days and Adobe has fixed one. (Read more...) The post Update now! Microsoft fixes two zero-day bugs appeared first on Malwarebytes Labs.

2 years ago

Malwarebytes

Open in Source

#vulnerability #web #ios #android #windows #microsoft #java #auth #zero_day #sap

How Patch Tuesday Keeps the Beat After 20 Years

Patch Tuesday turned security updates from chaotic events into a routine. Here's how we got here and where things might be heading.

2 years ago

DARKReading

Open in Source

#vulnerability #web #mac #windows #microsoft #oracle #intel #rce #zero_day #sap