DoD Cyber: A Conversation with Melissa Vice, COO for DoD’s Vulnerability Disclosure Program
Microsoft has confirmed that vulnerabilities in its on-premises SharePoint Server installations, a network spoofing vulnerability (CVE-202549706), and a remote code execution vulnerability (CVE-2025-49704) are being actively...more
In the aftermath of what could be one of the most widespread global information technology outages in history, organizations are putting a renewed focus on combating old vulnerabilities that can have cascading effects. ...more
We previously reported on the concerning mash-up of worldwide cybercriminals, known as Scattered Spider, working together to attack victims. New reports from Microsoft and others indicate that in the second quarter of...more
The business world woke up Friday to yet another emergency. A CrowdStrike outage has caused computer shutdowns across the globe affecting businesses in every sector. More likely than not, your business is being affected by...more
On September 26, 2023, Windows released a configuration update on Windows 11 version 22H2 (all editions) that is worth reading and applying, particularly if you use Windows Copilot....more
CYBERSECURITY - CISA Recommends Following Microsoft’s Mitigation for Zero Day Exploits - Microsoft recently issued mitigation steps for vulnerabilities that are being actively exploited by threat actors. Microsoft...more
Microsoft recently issued mitigation steps for vulnerabilities that are being actively exploited by threat actors. Microsoft stated that it is aware that two vulnerabilities are being actively exploited to access users’...more
In a blog post entitled “New activity from Russian actor Nobelium,” Microsoft’s V.P. of Customer Security & Trust Tom Burt discussed a recent alert issued by the Microsoft Threat Intelligence Center (MSTIC) regarding the...more
If you are an organization that uses Microsoft Office 365 as your email platform, be on the lookout for a new tricky phishing attack recently used by cyber criminals. ...more
Following the release of a U.S. Cybersecurity & Infrastructure Security Agency (US-CERT) Coordination Center VulNote “for a critical remote code execution vulnerability in the Windows Print spooler services” on June 30,...more
Another fall-out from the SolarWinds incident has surfaced prompting Microsoft to issue a notice to affected customers that an attacker gained access to one of its customer service agents to launch hacking attacks against...more
IT professionals leave room in their schedules for Microsoft’s monthly Patch Tuesday just as I leave room in my schedule every Wednesday night for blog writing. ...more
The National Security Agency (NSA) recently issued a warning to private industry about four zero-day vulnerabilities in Microsoft Exchange Server versions 2013, 2016, and 2019 used on-premises....more
As we alerted our readers last week, Microsoft announced that its Exchange email servers have been compromised, which is estimated to affect at least 30,000 companies based in the United States....more
I continue to be amazed in my day-to-day virtual conversations by how many people are unaware of one of the most devastating compromises ever to happen—the recent compromise of Microsoft’s Exchange versions 2013-2019....more
Hackers are targeting U.S. government networks, according to U.S. Cyber Command, which says there is a vulnerability of CVE-2017-1174, which is a two year old flaw in Microsoft Outlook that is being used by attackers to...more