-
A new remote code execution vulnerability has been identified to be affecting multiple Microsoft products including .NET, .NET Framework and Visual Studio. This vulnerability has been assigned CVE-2024-21409, and its severity has been given as 7.3 (High). This vulnerability is associated with the Use After Free condition, in which the pointer to a memory is [β¦] The post Microsoft .NET, .NET Framework, & Visual Studio Vulnerable To RCE Attacks appeared first on GBHackers on Security | #1 Globally Trusted Cyber…
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
-
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive concerning a breach in Microsoftβs corporate email system. The directive, ED 24-02, outlines the urgent steps required to mitigate the risks posed by Midnight Blizzard, a nation-state-sponsored cyber actor. This group has successfully exfiltrated sensitive email correspondence between Federal Civilian Executive Branch (FCEB) [β¦] The post Midnight Blizzardβs Microsoft Corporate Email Hack Threatens Federal Agencies: CISA Warns appeared first on GBHackers on Security | #1 Globally Trusted Cyber…
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
-
On April Patch Tuesday, Microsoft fixed 149 bugsβone of the biggest security update releases in the companyβs history.Β Many of its software products, such as Microsoft Office and its SQL Server database package, have fixed vulnerabilities. The majority of vulnerabilities are in the Windows operating system, and nine CVEs were found in the Azure cloud [β¦] The post Microsoft Patch Tuesday: 149 Security Vulnerabilities & Zero-days appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
-
The professional and personal online spheres are merging as social media platforms like Facebook, LinkedIn, and WhatsApp are now commonly used for work communication. Their integration creates cybersecurity vulnerabilities.Β Threat actors can target employees on social media using their accounts accessed from work devices. These accounts act as attack vectors, allowing unauthorized access to the [β¦] The post Microsoft Two-Step Phishing Campaign Attack LinkedIn Users appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
-
Hackers have been found leveraging Microsoft OneNote files as a vector to compromise systems across various industries. The campaign, under the radar of cybersecurity experts, showcases a new trend in cyber threats, exploiting commonly used office applications to gain unauthorized access to corporate networks. The Campaign Unveiled The malicious campaign was first documented by pr0xylife [β¦] The post Hackers Using Microsoft OneNote Files to Orchestrate Cyber Attacks appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News…
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
-
Cybersecurity and Infrastructure Security Agency (CISA) has warned about a critical vulnerability in Microsoft SharePoint Server, CVE-2023-24955. This vulnerability poses a significant risk to organizations using the platform. It allows attackers with certain privileges to execute code remotely, potentially leading to unauthorized access and control over the affected systems. Microsoft SharePoint Server Code Injection Vulnerability [β¦] The post CISA Warns of Hackers Exploiting Microsoft SharePoint Server appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
-
Microsoft announced that Microsoft Edge WebView2 eligibility and specific out-of-scope information are now included in the Edge Bounty Program. The Microsoft Edge Bounty Program aims to find vulnerabilities that are specific to the upcoming Chromium-based Microsoft Edge, and that instantlyΒ affect customersβ security. The Program invites people worldwide to look for and report Chromium-based Microsoft Edge-specific [β¦] The post Microsoft Expands Edge Bounty Program to Include WebView2! appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
-
Federal Office for Information Security (BSI) in Germany has announced that at least 17,000 Microsoft Exchange servers across the country are exposed to one or more critical vulnerabilities. This figure only scratches the surface, as several servers remain unaccounted for, potentially harboring similar risks. The BSIβs findings underscore a pressing cybersecurity crisis, urging immediate action [β¦] The post 17,000+ Microsoft Exchange Servers Vulnerable to Multiple Critical Vulnerabilities appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News…
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
-
Microsoft released an out-of-band update, KB5037422, on March 22, 2024, specifically for Windows Server 2022 (OS Build 20348.2342) to address a critical memory leak issue in the Local Security Authority Subsystem Service (LSASS).Β The leak occurred on domain controllers (DCs) after installing the March 2024 security updates (KB5035857) and impacted both on-premises and cloud-based Active [β¦] The post Microsoft Releases Out-of-band Update to Fix Windows Server Memory Leak Flaw appeared first on GBHackers on Security | #1 Globally Trusted Cyber…
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
CYBERSECURITY / DEFENSE / INTELLIGENCE
