On Tuesday, Microsoft set off alarm bells after finding Chinese cyber-espionage operators chaining several zero-day exploits to drain off e-mail data from corporate Microsoft Exchange servers. Redmond’s warning comprises the release of emergency out-of-band fixes for four distinct zero-day flaws that shaped part of the hacker’s arsenal. The software giant Continue Reading
A French security scientist has inadvertently found a zero-day flaw that affects the Windows 7 and Windows Server 2008 R2 operating systems while working on an update to a Windows security tool. The bug was discovered in two misconfigured registry keys for the RPC Endpoint Mapper and DNSCache services that Continue Reading
A serious flaw that’s existed in Microsoft’s Windows DNS Server for as many as 17 years could be abused to acquire Domain Administrator privileges and affect the whole commercial infrastructure behind it. Tracked as CVE-2020-1350 and named SIGRed, the vulnerability is a remote code execution that impacts Windows Server versions Continue Reading
As per reports, cybercriminals have deployed ransomware on the systems of American hospitals and government organizations using Active Directory credentials. Although the flaw, traced as CVE-2019-11510, was fixed by Pulse Secure a year ago, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) cautioned companies in January 2020 to fix their Pulse Secure VPN servers Continue Reading
Related News: Microsoft Exchange server flaw being exploited by nation-state actors Companies are delaying in fixing Microsoft Exchange Server vulnerability (CVE-2020-0688) that the software giant repaired with February 2020 Patch Day updates. The CVE-2020-0688 fault exists in the Exchange Control Panel (ECP) module; the major reason of the problem is that Exchange servers Continue Reading
By