Microsoft released its monthly patches this week to fix 128 vulnerabilities, including 10 rated as critical, 115 as important, and three flagged as moderately severe. One of the vulnerabilities (CVE-2022-24521 Windows Common Log File System Driver Elevations of Privilege) is being actively exploited by APT groups according to the National Security Agency, so addressing this
Microsoft
China-Based Ransomware Operator Exploiting Log4j Vulnerability
Microsoft has issued frequent updates on the Log4j vulnerability that we have been hearing so much about. The vulnerability is a serious problem that will become more widespread as time goes on.
According to Microsoft’s threat intelligence team:
“The Log4j vulnerabilities represent a complex and high-risk situation for companies across the globe. This open-source component…
November’s Patch Tuesday Includes 55 Patches
Staying current with Microsoft’s monthly patches is challenging, yet critical for one’s cybersecurity program. This week, Microsoft’s November Patch Tuesday released 55 patches, six of which were categorized as “critical,” four were previously disclosed (which means that cyber criminals may already be exploiting them), and two are being exploited now. Plugging all of these vulnerabilities…
Apple + Microsoft Release Patches for Identified Vulnerabilities
This week, both Apple and Microsoft issued patches to fix serious zero-day vulnerabilities that should be applied as soon as possible. That means that if you have an iPhone or iPad, you may want to plug your phone or iPad in and apply the newest iOS 15.0.2, which is what I just did as I…
Passwords Used by Iranian-Backed Hackers Against Defense Contractors
When you are educating your employees about the importance of maintaining a complex password or passphrase, share this story to show why it is so important and to emphasize not to use same or similar passphrases across multiple platforms. It is not just a matter of getting into the company’s systems, but also one of…
Microsoft Issues Emergency Software Update for PrintNightmare Zero Day Vulnerability
Following the release of a U.S. Cybersecurity & Infrastructure Security Agency (US-CERT) Coordination Center VulNote “for a critical remote code execution vulnerability in the Windows Print spooler services” on June 30, 2021, Microsoft issued new guidance for the vulnerability (CVE-2021-34527) on July 1, updated guidance on July 2, 2021, and an emergency patch on July…
Microsoft Customers Warned of Targeted Scams by NOBELLIUM
Another fall-out from the SolarWinds incident has surfaced prompting Microsoft to issue a notice to affected customers that an attacker gained access to one of its customer service agents to launch hacking attacks against some of its customers.
During its continued analysis of the SolarWinds incident, Microsoft recently identified that the Nation-State associated NOBELLIUM group…
Microsoft Releases Additional Resources for Exchange Flaws and CISA Issues Alert
As we alerted our readers last week, Microsoft announced that its Exchange email servers have been compromised, which is estimated to affect at least 30,000 companies based in the United States. It is reported that the hackers installed web shells (and sometimes multiple web shells) into Microsoft’s customers’ email servers, giving the hackers back doors…
Microsoft Urges Customers to Patch Exchange Server “Zero Day” Vulnerabilities
In a rare sharing of information about vulnerabilities in a blog post, Microsoft this week urged customers to download software patches to Microsoft Exchange Server after it detected “multiple 0-day exploits being used to attack on-premises versions of Microsoft Exchange Server in limited and targeted attacks.”
According to Microsoft’s Threat Intelligence Center, “[W]e are sharing…
Further Fall-Out from Russian Hacking of SolarWinds
U.S. intelligence agencies, including the FBI, the Office of the Director of National Intelligence, the National Security Agency and the Cybersecurity and Infrastructure Security Agency, have confirmed that Russia was behind the SolarWinds hack. It is reported that the FBI is investigating whether Russia hacked into project management software JetBrains’ TeamCity DevOps tool to originally…