Security

LATEST

Security

Microsoft Details Efforts to Fight Russian Cyber Attacks Targeting Ukraine

Microsoft has detailed its latest efforts to tackle cyber attacks targeting organizations in Ukraine. The Redmond giant revealed that it had successfully disrupted a series of high-profile attacks by a Russian state-sponsored hacking group dubbed “Strontium.” Strontium is one of the most popular APT groups worldwide that works closely with the Russian military intelligence agency…


Guide: How to Plan for Microsoft Defender Endpoint Deployments and Migrations

Last Update: Apr 07, 2022

When approaching a rollout of Microsoft Defender for Endpoint (MDE) for your organization, it can be difficult to know where to start. In my last article, MDE was explained at a high level: what it is and why you should care. This time, we will get into the weeds of how to actually plan for…

Security

Microsoft Publishes Advisory About New Spring4Shell Cyberattacks

Microsoft has published details about a critical security vulnerability dubbed “Spring4Shell” in the Spring Framework for Java. The Redmond giant recommends that its Azure cloud service customers patch the critical remote code execution (RCE) exploit immediately. Disclosed by the VMware-owned Spring on March 31, the company has already deployed a hotfix to address the…

Windows 11

Microsoft Announces Remote Help, A New Premium Endpoint Management Solution for Windows

Microsoft is holding its “Windows Powers the Future of Hybrid Work” digital event this morning, where Chief Product Officer Panos Panay announced some new security and management experiences for Windows 11. The company has announced security enhancements such as phishing protection capabilities, Smart App Control, as well as a premium endpoint management solution for helpdesk…


QNAP to Fix Critical OpenSSL Bug Impacting NAS Devices

Taiwan-based QNAP Systems has confirmed a new OpenSSL bug that impacts most of its network-attached storage (NAS) devices. According to the company’s advisory, the security flaw leads to an infinite loop that would result in a denial-of-service (DoS) state. The security vulnerability, tracked as CVE-2022-0778 and issued a CVSS “high” severity score of 7.5, has…

Security

VMware Releases Emergency Fix for “Spring4Shell” Vulnerability in Spring Framework

VMware has released emergency patches to address the “Spring4Shell” remote code execution exploit in the Spring Framework. The company is recommending that all users install these updates (versions 5.3.18 and 5.2.20) as soon as possible. Security researchers recently discovered a new zero-day exploit in the Spring Framework called “Spring4Shell” that could lead to unauthenticated…

Security

Report: New Phishing Campaign Targets Calendly Users to Steal Credentials

The security analysts at INKY have recently discovered a new phishing campaign that targets Calendly, an automated meeting scheduling tool. The company explained that the campaign aims to steal users’ credentials by embedding malicious links into Calendly event invitations. Calendly is a popular app that allows users to schedule meetings, appointments, and events for individuals…

Security

CISA Publishes Advisory About Cyber Attacks Targeting Internet-Connected UPS Devices

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory about ongoing cyberattacks against internet-connected uninterruptible power supply (UPS) devices. The US government encourages organizations to change their default user name and password settings to prevent hackers from targeting UPS devices. An uninterruptible power supply (UPS) is a device that allows computer systems and…

Windows 10

Microsoft Defender Can Now Block Malicious Drivers on Windows PCs

Microsoft has released a new security feature that should help to protect Windows PCs against malicious drivers. David Weston, Microsoft’s Vice President of Enterprise and OS Security, announced on Twitter today that the vulnerable driver blocklist feature is now available on Windows 10, Windows 11, as well as Server 2016 and higher. The new vulnerable…

Security

Sophos Fixes Critical Remote Code Execution Flaw in Firewall Products

Sophos has released an emergency update to patch a critical security flaw in its firewall product line. The company explained in its security advisory that the vulnerability, tracked under CVE-2022-1040, when exploited could allow for remote code execution (RCE) on targeted machines. According to Sophos, this remote code execution vulnerability was first discovered by an…
