#microsoft

Microsoft is urging customers to keep their Exchange servers updated as well as take steps to bolster the environment, such as enabling Windows Extended Protection and configuring certificate-based signing of PowerShell serialization payloads. "Attackers looking to exploit unpatched Exchange servers are not going to go away," the tech giant's Exchange Team said in a post. "There are too many

The use of software as a service (SaaS) is experiencing rapid growth and shows no signs of slowing down. Its decentralized and easy-to-use nature is beneficial for increasing employee productivity, but it also poses many security and IT challenges. Keeping track of all the SaaS applications that have been granted access to an organization's data is a difficult task. Understanding the risks that

A nasty SSRF bug in Web Services plagues a laundry list of enterprise printers.

By Deeba Ahmed The new variant stood out among other malware because it can infect any attached removable USB device, e.g., floppy, flash, thumb drives, and any system the removable device is plugged into later. This is a post from HackRead.com Read the original post: PlugX Malware Sneaks Onto Windows PCs Through USB Devices

Your fortnightly rundown of AppSec vulnerabilities, new hacking techniques, and other cybersecurity news

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Jan. 20 and Jan. 27. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key

Razer Synapse version 3.7.0731.072516 suffers from a local privilege escalation due to a DLL hijacking vulnerability.

Cybersecurity researchers have uncovered a PlugX sample that employs sneaky methods to infect attached removable USB media devices in order to propagate the malware to additional systems. "This PlugX variant is wormable and infects USB devices in such a way that it conceals itself from the Windows operating file system," Palo Alto Networks Unit 42 researchers Mike Harbison and Jen Miller-Osborn

Orcus is a Remote Access Trojan with some distinctive characteristics. The RAT allows attackers to create plugins and offers a robust core feature set that makes it quite a dangerous malicious program in its class. RAT is quite a stable type that always makes it to the top. ANY.RUN’s top malware types in 2022 That's why you'll definitely come across this type in your practice, and the Orcus

Knowing what Talos IR is responding to this quarter gives you a direct view into what needs to be most secured and most analyzed to ensure your own environment remains secure.