Hot Topics

Microsoft

vulnerability ADA bots standing Boa Web3 NIST supply chain digital data

Flaw in Aged Boa Web Server Threatens Supply Chain

| | Boa, Endpoint security, Microsoft, vulnerability, web server
Microsoft may have retired the Boa web server in 2005, but that hasn’t stopped widespread use—and now the company is saying a vulnerability in the server’s open source component has been exploited ...
Security Boulevard
🥇

Cyber Security DE:CODED – Security opportunities for Managed Service Providers

| | 2022, Apple, Business Tips, Cloud, Cyber Essentials, Cybersecurity, Hacking, living off the land, Microsoft, Phishing, Physical Security, Podcast, RaaS, ransomware as a service, security poverty, small business, social engineering, Targeted attacks, Threat Intelligence
“Every SMB is an expert in something. A passion. It’s probably not anti-virus…” Show notes for series 2, episode 7 Small business and Managed Service Provider special! In June 2022*, we set ...
SE Labs Blog
Patch Tuesday, November 2022 Election Edition

Patch Tuesday, November 2022 Election Edition

| | AskWoody, CVE-2022-41073, CVE-2022-41080, CVE-2022-41082, CVE-2022-41091, CVE-2022-41125, CVE-2022-41128, Immersive Labs, Kevin Breen, Microsoft, Microsoft Patch Tuesday November 2022, SANS Internet Storm Center, Satnam Narang, Tenable, Time to Patch, Windows, Windows Print Spooler
Let's face it: Having “2022 election” in the headline above is probably the only reason anyone might read this story today. Still, while most of us here in the United States are ...
Krebs on Security
Uber Breach Guilty Verdict, Mandatory Password Expiration, Fake Executive Profiles on LinkedIn

Uber Breach Guilty Verdict, Mandatory Password Expiration, Fake Executive Profiles on LinkedIn

| | Bots, Cyber Security, Cybersecurity, Data breach, Data Privacy, Digital Privacy, Episodes, Fake accounts, Fake Profiles, Information Security, Infosec, Joe Sullivan, linkedin, Microsoft, NIST, Password, Password Expiration, passwords, Podcast, Privacy, security, technology, Uber, Weekly Edition
Former Uber CSO Joe Sullivan was found guilty of obstructing a federal investigation in connection with the attempted cover-up of a 2016 hack at Uber, NIST and Microsoft say that mandatory password ...
The Shared Security Show
PII Microsoft Koverse data protection impact assessment DPIA Dell AWS data protection cybersecurity

Two New Exchange Zero-Days Raise Questions About Microsoft Security

| | Exchange, exchange vulnerability, Microsoft, ProxyShell
Microsoft finally issued CVEs—CVE-2022–41040 and CVE-2022–41082—for two new zero-day vulnerabilities in Exchange, ending a few days of speculation that the duo were, in fact, ProxyShell flaws uncovered in 2021. “I am calling ...
Security Boulevard

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of September 26, 2022

| | Featured Articles, Intel, Microsoft, sophos, VERT News, Windows, Windows 11, zero-day, Zero-day Vulnerability
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us ...
The State of Security
What are Passkeys, PowerPoint Mouseover Attack, 2K Games Support Hacked

What are Passkeys, PowerPoint Mouseover Attack, 2K Games Support Hacked

| | 2K Games, Apple, Cybersecurity, Data Privacy, Digital Privacy, help desk, Information Security, Infosec, iOS 16, iPhone 14, Malware, Microsoft, Passkeys, passwords, Podcast, powerpoint, powershell, Privacy, security, technology, Weekly Edition
Passkeys are coming soon to Apple iOS 16 so what are passkeys and why are they an eventual replacement for passwords? Researchers have discovered a new attack that uses mouse movement in ...
The Shared Security Show

Tripwire Patch Priority Index for August 2022

| | CVE, Microsoft, PPI, VERT, Vulnerabilities
Tripwire’s August 2022 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft. First on the patch priority list this month are patches for Microsoft Office, Outlook, and Excel that resolve 4 ...
The State of Security
PII Microsoft Koverse data protection impact assessment DPIA Dell AWS data protection cybersecurity

Auth Token Mining Weakens Microsoft Teams Security

| | Authentication, collaboration, identity, Microsoft, Microsoft Teams
Microsoft Teams users, beware. Anyone signed into the app can have their credentials stolen by miscreants with file system access who follow an attack path recently identified by the Vectra Protect team ...
Security Boulevard

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 29, 2022

| | api, aws, ios, Microsoft, TikTok, VERT News, vulnerability, wordpress
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us ...
The State of Security
Load more