Tag Microsoft

Take Immediate Action: CISA Warns of Ongoing Exploitation of Microsoft SharePoint Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially included a critical vulnerability affecting Microsoft SharePoint Server in its Known Exploited Vulnerabilities (KEV) catalog, highlighting evidence of active exploitation within various environments. This vulnerability, identified as CVE-2023-29357, has garnered a significant CVSS score of 9.8, indicating its severity and…

Read MoreTake Immediate Action: CISA Warns of Ongoing Exploitation of Microsoft SharePoint Vulnerability

Microsoft to Retire Decades-Old Obsolete Cipher That Has Caused Widespread Issues

Microsoft has disclosed its ongoing efforts to phase out the RC4 cryptographic algorithm, a challenge that has persisted for over a decade. According to Steve Syfuhs, who leads the Windows Authentication team at Microsoft, eliminating an algorithm that has been a part of operating systems for the last 25 years…

Read MoreMicrosoft to Retire Decades-Old Obsolete Cipher That Has Caused Widespread Issues

FBI Adds Five APT41 Hackers from China to Cyber’s Most Wanted List

In a significant move today, the United States government filed charges against five individuals linked to a state-sponsored Chinese hacking group known as APT41, as well as two Malaysian hackers. This group is believed to have compromised over one hundred businesses globally, showcasing a sophisticated range of cyber-espionage and financially…

Read MoreFBI Adds Five APT41 Hackers from China to Cyber’s Most Wanted List

GitHub Changes Keys Following Serious Vulnerability That Exposed Credentials

GitHub has confirmed the rotation of specific cryptographic keys following the identification of a significant security vulnerability. This issue poses the risk of unauthorized access to sensitive credentials within production containers. The subsidiary of Microsoft announced that it first learned of the problem on December 26, 2023, and took immediate…

Read MoreGitHub Changes Keys Following Serious Vulnerability That Exposed Credentials

Researchers Discover Cyber Espionage Campaign Targeting Indian Army

Recent cybersecurity investigations have revealed an ongoing cyberespionage initiative targeting Indian defense agencies and military personnel, dating back to at least 2019. This operation, identified as “Operation SideCopy” by Quick Heal, an Indian cybersecurity firm, is believed to be orchestrated by an advanced persistent threat (APT) group adept in concealing…

Read MoreResearchers Discover Cyber Espionage Campaign Targeting Indian Army

TrickBot Linux Variants Remain Active in the Wild Following Recent Takedown

Recent investigations indicate that despite concerted efforts to disrupt the TrickBot malware operations, its creators are adapting and evolving their tactics. A report from cybersecurity firm Netscout reveals that the authors of TrickBot have ported elements of their malicious code to Linux, broadening their potential target base. Initially identified in…

Read MoreTrickBot Linux Variants Remain Active in the Wild Following Recent Takedown

AllaKore RAT Malware Exploiting Mexican Companies with Financial Fraud Tactics

Mexican financial institutions are currently being targeted by a sophisticated spear-phishing campaign that deploys a modified variant of the open-source remote access trojan known as AllaKore RAT. This attack has been attributed to an unidentified financially motivated actor based in Latin America, with the campaign having been operational since at…

Read MoreAllaKore RAT Malware Exploiting Mexican Companies with Financial Fraud Tactics

Researchers Discover Outlook Vulnerability That May Expose Your NTLM Passwords

A recently addressed security vulnerability in Microsoft Outlook exposes users to potential exploitation by malicious actors aiming to access NT LAN Manager (NTLM) v2 hashed passwords through specially crafted files. The flaw, identified as CVE-2023-35636, has been rated with a CVSS score of 6.5 and was patched during Microsoft’s December…

Read MoreResearchers Discover Outlook Vulnerability That May Expose Your NTLM Passwords

Senators Reintroduce Legislation to Enhance Cybersecurity in Healthcare

New Bipartisan Bill Aims to Fortify Healthcare Cybersecurity with Enhanced Regulations and Support Marianne Kolbasuk McGee (HealthInfoSec) • December 8, 2025 A bipartisan coalition of U.S. senators has reintroduced a significant cybersecurity bill aimed at enhancing protections in the healthcare sector. (Image: U.S. Congress) A bipartisan group of four U.S.…

Read MoreSenators Reintroduce Legislation to Enhance Cybersecurity in Healthcare