Microsoft Exchange Autodiscover flaw reveals users’ passwords

Researchers were able to harvest hundreds of thousands of credentials thanks to a quirk of the Autodiscover process.

Read more

Microsoft makes a bold move towards a password-less future

Microsoft envisions a password-less future. Password expert Per Thorsheim isn’t so sure.

Read more

[updated] Windows MSHTML zero-day actively exploited, mitigations required

In-the-wild attacks are exploiting a vulnerability in MSHTML that can load malicious ActiveX controls in Office documents.

Read more

Microsoft warns about phishing campaign using open redirects

Microsoft warned about a massive credential phishing campaign using open redirects. Here’s how you can recognize these phishing mails.

Read more

US government and private sector agree to invest time, money in cybersecurity

The Biden Administration and private sector leaders announced some major initiatives to bolster cybersecurity.

Read more

Largest DDoS attack ever reported gets hoovered up by Cloudflare

Botnets DDoS attacks are enormous, So is Cloudflare.

Read more

Phishing campaign goes old school, dusts off Morse code

Sometimes new technology just doesn’t get the job done.

Read more

UPDATED: Patch now! Emergency fix for PrintNightmare released by Microsoft

Microsoft has issued out-of-band updates for the remote code execution PrintNightmare vulnerability.

Read more

Microsoft exec reveals “routine” secrecy orders from government investigators

Microsoft exec Tom Burt revealed Wednesday that Federal law enforcement agencies send “routine” secret orders for customer information.

Read more

Windows 10 to retire in four years (or 52 Patch Tuesdays, in sysadmin years)

Microsoft plans to terminate support for Windows 10 Home and Pro on 14 October 2025, a decade after the original Windows 10 was brought to market.

Read more

Select your language