HackDig : Dig high-quality web security articles for hackers

Tripwire Patch Priority Index for May 2020

Tripwire’s May 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, Adobe, SaltStack, and VMware.Up first on the patch priority list this month are patches for VMware vCenter Server and SaltStack Salt. The Metasploit exploit framework has recently integrated exploits for VMware vCenter Server (CVE-2020-3952) and Sal
Publish At:2020-05-31 23:20 | Read:104 | Comments:0 | Tags:Featured Articles VERT microsoft Priority Patch Index vulner

Windows 10 adds new security and privacy features in May update

byDanny BradburyWindows 10 release 2004 is out, with a slew of new features. They include several updates to its security and privacy. Here’s what you get when you download it, as outlined in the company’s blog post.Microsoft has updated its System Guard Firmware Measurement. This feature, launched in Windows 10 1903, helps guarantee the integrit
Publish At:2020-05-29 06:41 | Read:89 | Comments:0 | Tags:Microsoft Microsoft Edge Windows Application Guard Cortana F

Update now! Windows gets another bumper patch update

byJohn E DunnAfter a flurry of zero-day vulnerabilities in recent editions, May’s Patch Tuesday finally gives Windows users a month off having to fix ‘big’ exploited or public flaws.The catch is it’s still one of the biggest patch rounds Microsoft has ever released, featuring 111 CVE-level bug fixes (the record being March’s 115 fixes), nearly half of which
Publish At:2020-05-18 12:28 | Read:136 | Comments:0 | Tags:Operating Systems Windows Adobe Acrobat Internet Explorer Mi

PrintDemon – patch this ancient Windows printer bug!

byPaul DucklinThis month’s Patch Tuesday fixes just came out in what we’re calling a “bumper update“.Microsoft pushed out fixes for 111 different CVE-tagged vulnerabilities, 16 of which are deemed critical.That includes bugs that could in theory be remotely exploited, for example via rogue attachments or booby-trapped web pages, to im
Publish At:2020-05-18 12:27 | Read:102 | Comments:0 | Tags:Vulnerability EoP Microsoft PrintDemon spooler vulnerability

Microsoft joins encrypted DNS club with Windows 10 option

byDanny BradburyMicrosoft is the latest browser vendor to join the encrypted DNS club by supporting DNS over HTTPS in Windows 10. In Build 19628 and higher, you’ll be able to encrypt your DNS traffic to prevent your geeky flatmate, that hoodie-wearing person in your local coffee shop, and possibly your ISP from snooping on your browsing destinations.We
Publish At:2020-05-18 12:27 | Read:142 | Comments:0 | Tags:Microsoft DNS filtering DNS-over-HTTPS DoH Windows 10

Top 5 Ways to Secure All Remote Workers with Microsoft & Zimperium

I had the pleasure of recently conducting a timely webinar on the Top Five Ways to Secure All Remote Workers with two executives from our partners at Microsoft – – Dave Randall, Senior Program Manager of Endpoint Manager, and Aasawari Navathe, Program Manager. The world changed overnight Even before the pandemic, it’s surprising how quickl
Publish At:2020-05-18 11:56 | Read:200 | Comments:0 | Tags:Mobile Security advanced mobile threat defense BYOD Complian

Microsoft project proposed to aid Linux IoT code integrity

byJohn E DunnImagine a computer user from 2010 dreaming of a world in which Microsoft is not only an enthusiastic proponent of open source software but actively contributes to it with its own ideas.It would have sounded fanciful and yet a decade on and this is exactly the world a growing number of Microsoft’s in-house developers find themselves working towar
Publish At:2020-04-08 08:21 | Read:560 | Comments:0 | Tags:Security threats cloud Integrity Policy Enforcement (IPE Lin

Microsoft Buys Corp.com So Bad Guys Can’t

In February, KrebsOnSecurity told the story of a private citizen auctioning off the dangerous domain corp.com for the starting price of $1.7 million. Domain experts called corp.com dangerous because years of testing showed whoever wields it would have access to an unending stream of passwords, email and other sensitive data from hundreds of thousands of Micr
Publish At:2020-04-07 10:28 | Read:413 | Comments:0 | Tags:A Little Sunshine Active Directory corp.com microsoft Mike O

Tripwire Patch Priority Index for March 2020

Tripwire’s March 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft and Adobe.Up first on the patch priority list this month are patches for Microsoft Browsers and Scripting Engine. These patches resolve information disclosure, remote code execution, and memory corruption vulnerabilities.Next on the list are patche
Publish At:2020-04-07 08:18 | Read:419 | Comments:0 | Tags:VERT microsoft PPI

Microsoft’s case study: Emotet took down an entire network in just 8 days

Microsoft declared that an Emotet attack took down an organization’s network by overheating all the computers and bringing its Internet access down. Microsoft shared details of the Emotet attack suffered by an organization named Fabrikam in the Microsoft’s Detection and Response Team (DART) Case Report 002, where Fabrikam is a fake name the I
Publish At:2020-04-04 15:17 | Read:448 | Comments:0 | Tags:Breaking News Hacking EMOTET information security news it se

Microsoft’s Edge browser to get breached credential alerts

byJohn E DunnAfter re-Chroming its Edge browser last summer, Microsoft this week announced a list of new security and privacy features it plans to add to forthcoming versions in an effort to take on its rivals.The first of these, tracking prevention, has been in the browser for months, but was recently redesigned to make it stand out a bit more.The second is
Publish At:2020-04-01 08:01 | Read:299 | Comments:0 | Tags:Google Privacy Bing Edge browser Edge Password Monitor Firef

Microsoft Edge will warn users if their credentials have been compromised

Microsoft announced that it will add an alerting feature to Edge to warn users if their credentials saved to autofill have been compromised. Microsoft announced several new features for its Edge browser, including a new alerting service to warn users if the credentials they have saved to autofill have been compromised in a third-party data breach. 
Publish At:2020-03-31 04:51 | Read:283 | Comments:0 | Tags:Breaking News Security credential stuffing data breach Hacki

Windows has a zero-day that won’t be patched for weeks

byJohn E DunnCybercriminals are exploiting two unpatched zero-day flaws affecting all supported versions of Windows, Microsoft has warned.The Remote Code Execution (RCE) vulnerabilities affect Adobe Type Manager (ATM) Library, the part of Windows that manages PostScript Type 1 fonts.For now, there are no CVE identifiers and the only confirmed details are in
Publish At:2020-03-25 09:06 | Read:350 | Comments:0 | Tags:Microsoft Operating Systems Security threats Vulnerability W

Microsoft discovers two new remote code execution vulnerabilities

On March 23, Microsoft announced that it had discovered two critical vulnerabilities in Windows. The announcement was made outside the company’s regular communications schedule, highlighting how critical these vulnerabilities are. These are remote code execution vulnerabilities, and Adobe Type Manager Library. Microsoft says it is aware of a limited nu
Publish At:2020-03-25 08:30 | Read:451 | Comments:0 | Tags:Business News Security b2b Microsoft vulnerability Windows

Crypto-Risk: Your Data Security Blind Spot

For many years — almost since the beginning of secure internet communications — data security professionals have had to face the challenge of using certificates, the mechanism that forms the basis of Transport Layer Security (TLS) communications. Certificates facilitate secure connections to websites (represented by the “s” in “https”
Publish At:2020-03-23 10:45 | Read:404 | Comments:0 | Tags:Data Protection Risk Management Apple Business Continuity Ce

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud