There was a big win for the good guys against the bad guys this week. On December 13, 2023, after obtaining an order from the federal court in the Southern District of New York to seize U.S. based infrastructure and take offline websites used by a group Microsoft identifies as Storm-1152, Microsoft’s Digital Crimes Unit

I hate to say, “I told you so,” but I did. I have repeatedly warned against scanning QR codes. Following the pandemic and scanning QR codes at restaurants, people have become very comfortable with scanning QR codes, don’t think twice about it, and don’t fully grasp the risk associated with a malicious QR code. Find

Microsoft recently issued mitigation steps for vulnerabilities that are being actively exploited by threat actors. Microsoft stated that it is aware that two vulnerabilities are being actively exploited to access users’ systems.

The Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory following Microsoft’s release of the mitigation steps, encouraging “users and administrators to review

Microsoft released its monthly patches this week to fix 128 vulnerabilities, including 10 rated as critical, 115 as important, and three flagged as moderately severe. One of the vulnerabilities (CVE-2022-24521 Windows Common Log File System Driver Elevations of Privilege) is being actively exploited by APT groups according to the National Security Agency, so addressing this

Microsoft has issued frequent updates on the Log4j vulnerability that we have been hearing so much about. The vulnerability is a serious problem that will become more widespread as time goes on.

According to Microsoft’s threat intelligence team:

“The Log4j vulnerabilities represent a complex and high-risk situation for companies across the globe. This open-source component

Staying current with Microsoft’s monthly patches is challenging, yet critical for one’s cybersecurity program. This week, Microsoft’s November Patch Tuesday released 55 patches, six of which were categorized as “critical,” four were previously disclosed (which means that cyber criminals may already be exploiting them), and two are being exploited now. Plugging all of these vulnerabilities

Following the release of a U.S. Cybersecurity & Infrastructure Security Agency (US-CERT)  Coordination Center VulNote “for a critical remote code execution vulnerability in the Windows Print spooler services” on June 30, 2021, Microsoft issued new guidance for the vulnerability (CVE-2021-34527) on July 1, updated guidance on July 2, 2021, and an emergency patch on July