New critical Exchange bug exploited as zero-day
Microsoft warned today in an updated security advisory that a critical vulnerability in Exchange Server was exploited as a zero-day before being fixed during this month’s…
Category: Bleeping Computer
New critical Microsoft Outlook RCE bug is trivial to exploit
Update February 14, 16:50 EST: Article and title revised after Microsoft retracted the “active exploitation” update added to the CVE-2024-21413 advisory. Microsoft says remote unauthenticated…
Zoom patches critical privilege elevation flaw in Windows apps
The Zoom desktop and VDI clients and the Meeting SDK for Windows are vulnerable to an improper input validation flaw that could allow an unauthenticated…
German battery maker Varta halts production after cyberattack
Battery maker VARTA AG announced yesterday that it was targeted by a cyberattack that forced it to shut down IT systems, causing production to stop…
Microsoft Exchange update enables Extended Protection by default
Microsoft is automatically enabling Windows Extended Protection on Exchange servers after installing this month’s 2024 H1 Cumulative Update (aka CU14). Extended Protection (EP) will automatically…
Ubuntu ‘command-not-found’ tool can be abused to spread malware
A logic flaw between Ubuntu’s ‘command-not-found’ package suggestion system and the snap package repository could enable attackers to promote malicious Linux packages to unsuspecting users.…
DuckDuckGo browser gets end-to-end encrypted sync feature
The DuckDuckGo browser has unveiled a new end-to-end encrypted Sync & Backup feature that lets users privately and securely synchronize their bookmarks, passwords, and Email…
5 Steps to Improve Your Security Posture in Microsoft Teams
Article written by Hananel Livneh, Head of Product Marketing at Adaptive Shield. The cybersecurity risks of SaaS chat apps, such as Microsoft Teams or Slack,…
Bumblebee malware attacks are back after 4-month break
The Bumblebee malware has returned after a four-month vacation, targeting thousands of organizations in the United States in phishing campaigns. Bumblebee is a malware loader discovered in…
Windows 11 KB5034765 update released with Start Menu fixes
Microsoft has released the KB5034765 cumulative update for Windows versions 23H2 and 22H2 to fix several bugs in the OS, including an issue that causes…
Microsoft February 2024 Patch Tuesday fixes 2 zero-days, 73 flaws
Tag CVE ID CVE Title Severity .NET CVE-2024-21386 .NET Denial of Service Vulnerability Important .NET CVE-2024-21404 .NET Denial of Service Vulnerability Important Azure Active Directory…
Integris Health says data breach impacts 2.4 million patients
Integris Health has reported to U.S. authorities that the data breach it suffered last November exposed personal information belonging to almost 2.4 million people. The…