microsoft – Page 9 – Computer Security Articles

Hidden in the basic infrastructure that runs the US military is a powerful piece of Windows-borne Chinese malware that can disrupt the communications systems, power grids, and water supplies at the military’s bases around the world. One US congressional aide calls it a “ticking time bomb” that as The New York Times put it, “could give China the power to interrupt or slow American military deployments or resupply operations by cutting off power, water and communications to US military bases.”

To read this article in full, please click here

ComputerWorld Independent

August 11, 2023 admin

Patch Tuesday: Microsoft rolls out 90 updates for Windows, Office

With its August Patch Tuesday release, Microsoft pushed out 90 updates for the Windows and Office platforms. The latest fixes include another update for Microsoft Exchange (along with with a warning about failed updates to Exchange Server 2016 and 2019) and a “Patch Now” recommendation from us for Office.

The team at Application Readiness has crafted this useful infographic outlining the risks associated with each of the updates for this month.

To read this article in full, please click here

Security Sophos

August 9, 2023 admin

A piñata of patches for Microsoft in August

Credit to Author: Angela Gunn| Date: Wed, 09 Aug 2023 18:28:41 +0000

A lighter month than July with just 73 fixes on tap, but a phalanx of advisories and third-party alerts will keep sysadmins bashing away

Independent Krebs

August 8, 2023 admin

Microsoft Patch Tuesday, August 2023 Edition

Credit to Author: BrianKrebs| Date: Wed, 09 Aug 2023 02:22:57 +0000

Microsoft Corp. today issued software updates to plug more than 70 security holes in its Windows operating systems and related products, including a patch that addresses multiple zero-day vulnerabilities currently being exploited in the wild.

ComputerWorld Independent

August 7, 2023 admin

Has Microsoft cut security corners once too often?

Credit to Author: eschuman@thecontentfirm.com| Date: Mon, 07 Aug 2023 10:00:00 -0700

As Microsoft revealed tidbits of its post-mortem investigation into a Chinese attack against US government agencies via Microsoft, two details stand out: the company violated its own policy and did not store security keys within a Hardware Security Module (HSM) — and the keys were successfully used by attackers even though they had expired years earlier.

This is simply the latest example of Microsoft quietly cutting corners on cybersecurity and then only telling anyone when it gets caught.

To read this article in full, please click here

Independent Krebs

August 4, 2023 admin

Teach a Man to Phish and He’s Set for Life

Credit to Author: BrianKrebs| Date: Fri, 04 Aug 2023 13:49:15 +0000

One frustrating aspect of email phishing is the frequency with which scammers fall back on tried-and-true methods that really have no business working these days. Like attaching a phishing email to a traditional, clean email message, or leveraging link redirects on LinkedIn, or abusing an encoding method that makes it easy to disguise booby-trapped Microsoft Windows files as relatively harmless documents.

ComputerWorld Independent

July 14, 2023 admin

Four zero-days make July 's Patch Tuesday a 'patch now' update

With this month’s Patch Tuesday update, Microsoft addressed 130 security vulnerabilities, published two advisories, and included four major CVE revisions. We also have four zero-days to manage for Windows (CVE-2023-32046, CVE-2023-32049, CVE-2023-36874 and CVE-2023-36884), bringing the Windows platform into a “patch now” schedule.

To read this article in full, please click here

MalwareBytes Security

July 13, 2023 admin