Microsoft Exchange Autodiscover flaw reveals users’ passwords
Researchers were able to harvest hundreds of thousands of credentials thanks to a quirk of the Autodiscover process.
Microsoft makes a bold move towards a password-less future
Microsoft envisions a password-less future. Password expert Per Thorsheim isn’t so sure.
[updated] Windows MSHTML zero-day actively exploited, mitigations required
In-the-wild attacks are exploiting a vulnerability in MSHTML that can load malicious ActiveX controls in Office documents.
Microsoft warns about phishing campaign using open redirects
Microsoft warned about a massive credential phishing campaign using open redirects. Here’s how you can recognize these phishing mails.
US government and private sector agree to invest time, money in cybersecurity
The Biden Administration and private sector leaders announced some major initiatives to bolster cybersecurity.
Largest DDoS attack ever reported gets hoovered up by Cloudflare
Botnets DDoS attacks are enormous, So is Cloudflare.
Phishing campaign goes old school, dusts off Morse code
Sometimes new technology just doesn’t get the job done.
UPDATED: Patch now! Emergency fix for PrintNightmare released by Microsoft
Microsoft has issued out-of-band updates for the remote code execution PrintNightmare vulnerability.
Microsoft exec reveals “routine” secrecy orders from government investigators
Microsoft exec Tom Burt revealed Wednesday that Federal law enforcement agencies send “routine” secret orders for customer information.
Windows 10 to retire in four years (or 52 Patch Tuesdays, in sysadmin years)
Microsoft plans to terminate support for Windows 10 Home and Pro on 14 October 2025, a decade after the original Windows 10 was brought to market.
