Update 10/6/2022 : Microsoft has released several updates since their post on the “ProxyNotShell” Exchange vulnerabilities. If you followed their initial mitigation steps, they are not sufficient to block this threat and your Exchange server may remain vulnerable. Security researchers began poking at the initial mitigation recommendations and found ways to bypass their … [Read more...]
Whitehat Finds Blackhat on Facebook – Daily Security Byte EP. 252
Bug Bounty programs are great ways for companies to get security researchers to help find and fix vulnerabilities in their products or infrastructure, but no one expected them to also reveal hackers in your network. Watch today's video to hear how one pen-tester found more than he bargained for when researching Facebook's network. (Episode Runtime: 3:38) Direct YouTube … [Read more...]
Latest Flash Update Plugs 18 Security Holes
Do you watch a lot of online video or play interactive web games? Perhaps your organization uses rich, interactive web-based business applications? In either case, you've probably installed Adobe Flash, along with the 500 million other device holders who use it. In this case, you better update Flash as soon as you can. During Microsoft Patch day, Adobe released a security … [Read more...]
Office Patches Mend SharePoint and OneNote
Severity: High Summary: These vulnerabilities affect: Microsoft Office related products like OneNote and SharePoint Server How an attacker exploits them: Varies. Typically by enticing users to open or interact with maliciously crafted Office documents Impact: Many. In the worst case, an attacker can gain complete control of your Windows computer What to do: Install the … [Read more...]
Windows Updates Mend Critical Journal Vulnerability & More
Severity: High Summary: These vulnerabilities affect: All current versions of Windows (and related components like XML Core Services) How an attacker exploits them: Multiple vectors of attack, including enticing you to malicious web sites, or into interacting with malicious documents or images. Impact: In the worst case, an attacker can gain complete control of your Windows … [Read more...]