#microsoft

Emmanuel Tacheau of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw.  Cisco Talos recently discovered two new vulnerabilities in Accusoft ImageGear.  The ImageGear library is a document-imaging developer toolkit that allows users to create, edit, annotate and convert... [[ This is only the beginning! Please visit the blog for the complete entry ]]

A Chinese state-sponsored espionage group known as Override Panda has resurfaced in recent weeks with a new phishing attack with the goal of stealing sensitive information. "The Chinese APT used a spear-phishing email to deliver a beacon of a Red Team framework known as 'Viper,'" Cluster25 said in a report published last week. "The target of this attack is currently unknown but with high

Aamir Lakhani, global security strategist and researcher at FortiGuard Labs, zeroes in on how adversaries are targeting 'remote everything'.

relan exFAT 1.3.0 allows local users to obtain sensitive information (data from deleted files in the filesystem) in certain situations involving offsets beyond ValidDataLength.

A deep dive into securing containerized environments and understanding how they present unique security challenges.

A Russian state-sponsored threat actor has been observed targeting diplomatic and government entities as part of a series of phishing campaigns commencing on January 17, 2022. Threat intelligence and incident response firm Mandiant attributed the attacks to a hacking group tracked as APT29 (aka Cozy Bear), with some set of the activities associated with the crew assigned the moniker Nobelium (

Red Hat JBoss Web Server 5.6.2 zip release is now available for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, and Microsoft Windows. Red Hat Product Security has rated this release as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-0778: openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates

Your Microsoft computer comes with built-in safety software that shields you from the worst threats. Here's how to navigate your toolkit.

Google has released an update for the Chrome browser that includes 30 security fixes. Edge and other Chromium-based browsers also need updating. The post Update now! Critical patches for Chrome and Edge appeared first on Malwarebytes Labs.

Microsoft claims Ukraine has been hit with hundreds of cyberattacks from well-known state-backed Russian hacking groups. The post Russia continues digital onslaught against Ukrainian systems appeared first on Malwarebytes Labs.