Collaborate Disseminate
The CNCERT said it had “handled’ two attacks on Chinese tech companies, which it attributed to an unnamed suspected U.S. intelligence agency.
The post Chinese cyber center points finger at U.S. over alleged cyberattacks to steal trade secrets appeared first on CyberScoop.
Since making Kerberos the default Windows authentication protocol in 2000, Microsoft has been working on eventually retiring NTLM, its less secure and obsolete counterpart. Until NTLM gets disabled by default, Microsoft is working on shoring up defense… Continue reading Microsoft enforces defenses preventing NTLM relay attacks
The report contains statistics on vulnerabilities and exploits, with an analysis of interesting vulnerabilities found in Q2 2024. Continue reading Exploits and vulnerabilities in Q2 2024
Kaspersky analysts explain which applications are targeted the most, and how enterprises can protect themselves from phishing and spam. Continue reading Cybersecurity in the SMB space — a growing threat
This Week in IT, I cover everything you need to know about Microsoft’s new edition of Exchange Server, which is due to launch in 2025. Exchange Server will follow a similar path to on-premises SharePoint and the new edition will also bring with it some… Continue reading Microsoft Announces Big Changes for On-Premises Exchange Server
The report provides vulnerability and exploit statistics, key trends, and analysis of interesting vulnerabilities discovered in Q1 2024. Continue reading Exploits and vulnerabilities in Q1 2024
Around 12% of the 45,000 or so Microsoft Exchange servers in Germany that can be accessed from the Internet without restrictions “are so outdated that security updates are no longer offered for them,” the German Federal Office for Informati… Continue reading 17,000+ Microsoft Exchange servers in Germany are vulnerable to attack, BSI warns
On this March 2024 Patch Tuesday, Microsoft has released fixes for 59 CVE-numbered vulnerabilities, but – welcome news! – none of them are currently publicly known or actively exploited. Last month, though, several days after Patch Tuesday,… Continue reading March 2024 Patch Tuesday: Microsoft fixes critical bugs in Windows Hyper-V
On February 2024 Patch Tuesday, Microsoft has delivered fixes for 72 CVE-numbered vulnerabilities, including two zero-days (CVE-2024-21412, CVE-2024-21351) that are being leveraged by attackers in the wild. About CVE-2024-21412 and CVE-2024-21351 CVE-2… Continue reading Microsoft patches two zero-days exploited by attackers (CVE-2024-21412, CVE-2024-21351)
Russian state-backed hacking group Forest Blizzard (aka Fancy Bear, aka APT28) has been using a known Microsoft Outlook vulnerability (CVE-2023-23397) to target public and private entities in Poland, Polish Cyber Command has warned. Compromising email … Continue reading Russian hackers use old Outlook vulnerability to target Polish orgs (CVE-2023-23397)