Microsoft
Flaw in Aged Boa Web Server Threatens Supply Chain
Microsoft may have retired the Boa web server in 2005, but that hasn’t stopped widespread use—and now the company is saying a vulnerability in the server’s open source component has been exploited ...
Cyber Security DE:CODED – Security opportunities for Managed Service Providers
“Every SMB is an expert in something. A passion. It’s probably not anti-virus…” Show notes for series 2, episode 7 Small business and Managed Service Provider special! In June 2022*, we set ...
Patch Tuesday, November 2022 Election Edition
Let's face it: Having “2022 election” in the headline above is probably the only reason anyone might read this story today. Still, while most of us here in the United States are ...
Uber Breach Guilty Verdict, Mandatory Password Expiration, Fake Executive Profiles on LinkedIn
Former Uber CSO Joe Sullivan was found guilty of obstructing a federal investigation in connection with the attempted cover-up of a 2016 hack at Uber, NIST and Microsoft say that mandatory password ...
Two New Exchange Zero-Days Raise Questions About Microsoft Security
Microsoft finally issued CVEs—CVE-2022–41040 and CVE-2022–41082—for two new zero-day vulnerabilities in Exchange, ending a few days of speculation that the duo were, in fact, ProxyShell flaws uncovered in 2021. “I am calling ...
Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of September 26, 2022
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us ...
What are Passkeys, PowerPoint Mouseover Attack, 2K Games Support Hacked
Passkeys are coming soon to Apple iOS 16 so what are passkeys and why are they an eventual replacement for passwords? Researchers have discovered a new attack that uses mouse movement in ...
Tripwire Patch Priority Index for August 2022
Tripwire’s August 2022 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft. First on the patch priority list this month are patches for Microsoft Office, Outlook, and Excel that resolve 4 ...
Auth Token Mining Weakens Microsoft Teams Security
Microsoft Teams users, beware. Anyone signed into the app can have their credentials stolen by miscreants with file system access who follow an attack path recently identified by the Vectra Protect team ...
Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 29, 2022
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us ...