+44 (0)203 88 020 88

Menu

Search

microsoft

Microsoft Issue Warning Over Android Toll Fraud

Toll fraud malware is similar to billing fraud; it triggers the subscription of users to premium services without their knowledge or consent. Microsoft have called toll fraud “one of the most prevalent types of Android malware”, emphasising why it is important to keep informed about this actively evolving threat. Users of Android 9.0 or lower […]

Microsoft Issue Warning Over Android Toll Fraud Read More »

Microsoft Patches Linux Cluster Bug

The Microsoft Security Response Centre released a blog post this week about a Service Fabric (SF) Linux Cluster vulnerability. This bug has been identified on both Linux and Windows operating systems, however Microsoft claims only Linux is vulnerable to attack. This vulnerability was published as CVE-2022-30137 by Microsoft earlier this month.  Azure Service Fabric is a distributed systems

Microsoft Patches Linux Cluster Bug Read More »

CISA Warn of 40 New Actively Exploited Cybersecurity Vulnerabilities This Month So Far

Last week saw the addition of 39 known exploited cybersecurity vulnerabilities to the CISA catalogue, bringing the total added in June so far to 40. The Cybersecurity and Infrastructure Security Agency (CISA), a branch of the US government, released an alert on Wednesday, to make people aware of the threats posed by these vulnerabilities, which

CISA Warn of 40 New Actively Exploited Cybersecurity Vulnerabilities This Month So Far Read More »

Microsoft Office Zero-Day attack identified

A new vulnerability has been discovered that can allow a malicious document to run arbitrary code on a Windows computer.  Although the obvious attack vector is MS Office documents, Microsoft is describing this as a Windows Operating System vulnerability according to CVE-2022-30190. A Word Document was found to be able to abuse the Microsoft Windows

Microsoft Office Zero-Day attack identified Read More »

Microsoft warns of Kerberos Relay attacks

Microsoft has issued several updates to help Systems Admins protect their networks against Kerberos Relay attacks.  Microsoft have said no security patch will be provided to mitigate this attack vector, so config changes must be made to default Windows Domain Controller on premise installations.  Microsoft explains the vulnerability in a recent blog post: Detecting and

Microsoft warns of Kerberos Relay attacks Read More »

Microsoft patches critical zero-day

Critical remote code execution and elevation of privilege vulnerabilities were among the 75 total vulnerabilities that have been fixed in Microsoft’s May Patch Tuesday this week. These essential patches include fixes for currently exploited zero-day vulnerabilities, one of which is a novel NTLM relay attack, identified as CVE-2022-26925, which affects all versions of Windows. This

Microsoft patches critical zero-day Read More »

Nimbuspwn vulnerability hits Linux

Researchers at Microsoft have documented a family of vulnerabilities that affect Linux systems, dubbed Nimbuspwn.  These vulnerabilities can be chained together in order to gain root privileges on Linux systems allowing attackers to install malware and access all data on the server. The vulnerabilities in the networkd-dispatcher are tracked as CVE-2022-29799 and CVE-2022-29800.   Networkd-dispatcher runs as root and

Nimbuspwn vulnerability hits Linux Read More »

Microsoft upgrades security of Office and Windows

Microsoft has announced several steps they are taking to improve the default security of Office document and Windows systems by protecting them against malicious macros and LOL-bins attacks.   Microsoft Office to block macros for all Internet documents Microsoft is changing the default behaviour of Office applications that can contain VBA macros. Currently when a

Microsoft upgrades security of Office and Windows Read More »

0

No products in the basket.

No products in the basket.