Microsoft – Page 15 – PossibleThreat Articles

MalwareBytes Security

Update now! Two zero-days fixed in 2022’s last patch Tuesday

December 14, 2022 0 Comments Android, Apple, Cisco, citrix, cve-2022-41076, cve-2022-44670, cve-2022-44676, cve-2022-44698, cve-2022-44710, Exploits and vulnerabilities, fortinet, Google, Microsoft, motw, Mozilla, news, Patch Tuesday, race condition, remote powershell, sap

Categories: Exploits and vulnerabilities

Categories: News

Tags: patch Tuesday

Tags: Microsoft

Tags: Android

Tags: Apple

Tags: Mozilla

Tags: Google

Tags: Sap

Tags: Citrix

Tags: Fortinet

Tags: Cisco

Tags: CVE-2022-44698

Tags: MotW

Tags: CVE-2022-44710

Tags: race condition

Tags: CVE-2022-44670

Tags: CVE-2022-44676

Tags: CVE-2022-41076

Tags: remote powershell

The last patch Tuesday of 2022 is here—find out what Microsoft and many others have fixed

(Read more…)

The post Update now! Two zero-days fixed in 2022’s last patch Tuesday appeared first on Malwarebytes Labs.

Security Sophos

Patch Tuesday: 0-days, RCE bugs, and a curious tale of signed malware

December 13, 2022 0 Comments driver signing, Exploit, Microsoft, Patch Tuesday, vulnerability

Credit to Author: Paul Ducklin| Date: Wed, 14 Dec 2022 01:13:40 +0000

Tales of derring-do in the cyberunderground! (And some zero-days.)

Security Sophos

2022 Patch Tuesday cycle wraps with 48 CVEs, one advisory

December 13, 2022 0 Comments cve-2022-44690, cve-2022-44693, cve-2022-44698, cve-2022-44710, driver certificate deprecation, driver signature enforcement, drivers, Microsoft, Patch Tuesday, threat research, x-ops

Credit to Author: Angela Gunn| Date: Tue, 13 Dec 2022 18:00:22 +0000

Windows-heavy collection closes out a year of elevation-of-privilege vulnerabilities; no Exchange patches in sight

Security Sophos

S3 Ep112: Data breaches can haunt you more than once! [Audio + Text]

December 9, 2022 0 Comments Apple, chrome, Cybercrime, Edge, Exploit, Google, Hacking, iOS, Law & order, malware, Microsoft, Naked Security Podcast, Podcast, Privacy, vulnerability

Credit to Author: Paul Ducklin| Date: Fri, 09 Dec 2022 16:46:08 +0000

Breaches, exploits, busts, buffer overflows and bug hunting – entertaining and educational in equal measure.

ComputerWorld Independent

A compliance fight in Germany could hurt Microsoft customers

December 7, 2022 0 Comments Data privacy, Government, Microsoft

Credit to Author: eschuman@thecontentfirm.com| Date: Wed, 07 Dec 2022 04:32:00 -0800

If there are two things that should never mix, it’s cybersecurity/privacy compliance and corporate politics. And yet, that’s at the heart of a compliance fight between Microsoft and German authorities that might wind up punishing the company’s customers.

The German Datenschutzkonferenz — the regulatory body entrusted to handle Germany’s flavor of the European Union’s General Data Protection Regulation (GDPR) — has publicly declared that “no data protection-compliant use of Microsoft Office 365 was possible.”

To read this article in full, please click here

Microsoft Security

DEV-0139 launches targeted attacks against the cryptocurrency industry

December 6, 2022 0 Comments cybersecurity, malware, Microsoft, Microsoft security intelligence, Security

Credit to Author: Katie McCafferty| Date: Tue, 06 Dec 2022 17:00:00 +0000

Microsoft security researchers investigate an attack where the threat actor, tracked DEV-0139, used chat groups to target specific cryptocurrency investment companies and run a backdoor within their network.

The post DEV-0139 launches targeted attacks against the cryptocurrency industry appeared first on Microsoft Security Blog.

Security Sophos

Number Nine! Chrome fixes another 2022 zero-day, Edge patched too

December 5, 2022 0 Comments chrome, chromium, cve-2022-4262, Edge, Google, Google Chrome, Microsoft, vulnerability, zero day

Credit to Author: Paul Ducklin| Date: Mon, 05 Dec 2022 00:58:04 +0000

Ninth more unto the breach, dear friends, ninth more.

Security Sophos

Number Nine! Chrome fixes another 2022 zero-day, Edge not patched yet

December 4, 2022 0 Comments chrome, chromium, cve-2022-4262, Edge, Google, Google Chrome, Microsoft, vulnerability, zero day

Credit to Author: Paul Ducklin| Date: Mon, 05 Dec 2022 00:58:04 +0000

Ninth more unto the breach, dear friends, ninth more.

Security Sophos

How to hack an unpatched Exchange server with rogue PowerShell code

November 22, 2022 0 Comments :proxynotshell, 0 day, cve-2022-41040, cve-2022-41082, Microsoft, Uncategorized, vulnerability, zero day

Credit to Author: Paul Ducklin| Date: Tue, 22 Nov 2022 17:54:04 +0000

Review your servers, your patches and your authentication policies – there’s a proof-of-concept out