Conti Targets ProxyShell
The Conti ransomware gang is actively targeting unpatched Microsoft Exchange servers through the same exploit used to target servers earlier this year. Conti is targeting networks with ProxyShell, an evolution…
Chinese Link in Serv-U SSH Breach
Microsoft has shared technical details about a now-fixed, actively exploited critical security vulnerability affecting SolarWinds Serv-U managed file transfer service that it has attributed with "high confidence" to a threat…
Microsoft Exchange New ProxyToken Headache
A critical vulnerability in Microsoft Exchange Server dubbed as ProxyToken could allow an unauthenticated attacker to access and steal emails from a target’s mailbox. Microsoft Exchange uses two websites.The front-end…
Microsoft Phishing Campaign
Microsoft have reported about a new phishing campaign that they have detected recently, and they have also claimed that this campaign is quite big and is stealing the login credentials.…
Microsoft On Windows 11 System Requirements
Microsoft said in June that Windows 11 would require a processor released in late 2017 at the earliest, a Trusted Platform Module (TPM) 2.0 security chip, 4GB of memory, and…
Posted inAzure Security
Cloud Katana Open Sourced
A cloud-native serverless application Cloud Katana built on the top of Azure Functions to assess security controls in the cloud and hybrid cloud environments. This tool is an event-driven, serverless…
Posted inAzure Security
Cosmos DB Now Chaos DB
Microsoft warned thousands of its cloud computing customers, including some of the world's largest companies, that intruders could have the ability to read, change or even delete their main databases.…
SteelSeries … Bug give Windows Admin Privilege
Installing SteelSeries devices on Windows 10 can be abused to acquire administrator privileges. This can be exploited during the device setup process by clicking a link in the License Agreement…