Posts Tagged ‘Microsoft’

Microsoft: We Don’t Want to Zero-Day Our Customers

The head of Microsoft’s Security Response Center defends keeping its initial vulnerability disclosures sparse — it is, she says, to protect customers. Jai Vijayan BLACK HAT USA — Las Vegas — A top Microsoft security executive today defended the company’s vulnerability disclosure policies as providing enough information for security teams to make informed patching decisions […]

Leave a Comment

Microsoft adds default protection against RDP brute-force attacks

“Win11 builds now have a DEFAULT account lockout policy to mitigate RDP and other brute force password vectors,” David Weston of Enterprise and OS Security at Microsoft, announced, just as the company confirmed that it will resume the rollout of the default blocking of VBA macros obtained from the internet. Brute-forced RDP access and malicious macros have for a […]

Leave a Comment

Microsoft shared workarounds for the Microsoft Office zero-day dubbed Follina

Microsoft released workarounds for a recently discovered zero-day vulnerability, dubbed Follina, in the Microsoft Office productivity suite. Microsoft has released workarounds for a recently discovered zero-day vulnerability, dubbed Follina and tracked as  CVE-2022-30190  (CVSS score 7.8), in the Microsoft Office productivity suite. “On Monday May 30, 2022, Microsoft issued  CVE-2022-30190  regarding the Microsoft Support Diagnostic Tool (MSDT) in Windows vulnerability.” reads […]

Leave a Comment

Bug bounty hunter awarded $50,000 for a Microsoft account hijack flaw

Microsoft has awarded the security researcher Laxman Muthiyah $50,000 for reporting a vulnerability that could have allowed anyone to hijack users’ accounts without consent. According to the expert, the vulnerability only impacts consumer accounts. The vulnerability is related to the possibility to launch a bruteforce attack to guess the seven-digit security code that is sent […]

Leave a Comment

NSA publish list of recommendations for Keeping Networks Secure

‘Best Practices for Keeping Your Home Network Secure’ is a new guide published by the National Security Agency. This document provides home users directions for keeping their systems secure and protected. Users are faceing lots of security issues now a days, and trying to apply all the required security measures is complicated due to the […]

Comments (1)

DHS Cyber security Watchdogs Miss Hundreds of Vulnerabilities on Their Own Network

Image via Wikipedia By Kevin Poulsen The federal agency in charge of protecting other agencies from computer intruders was found riddled with hundreds of high-risk security holes on its own systems, according to the results of an audit released Wednesday. The United States Computer Emergency Readiness Team, or US-CERT, monitors the Einstein intrusion-detection sensors […]

Comments (1)

Microsoft Power Point 2010 Hacks and Tips

Image via CrunchBase San Francisco ( – Microsoft Office 2010 is the latest version of Microsoft Office productivity suite. The new features of Office 2010 are its extended file compatibility and a refined user interface. Microsoft PowerPoint is one of the most important parts of the Office suite and has many advanced features. But Microsoft […]

Leave a Comment

Google attack highlights ‘zero-day’ black market

Image by Laughing Squid via Flickr By Jordan Robertson, AP The recent hacking attack that prompted Google’s threat to leave China is underscoring the heightened dangers of previously undisclosed computer security flaws — and renewing debate over buying and selling information about them in the black market. Because no fix was available, the linchpin in […]

Comments (1)

Conficker C worm and April fool

Image by david ian roberts via Flickr Worm like conficker is a digital time bomb which is hard coded to trigger on April 1 (April fool’s day). Antivirus companies are doing their best to minimize the impact of conficker worm. Conficker first variant was introduced few months back and have already caused significant amount of […]

Comments (9)

Global economic insecurity and rise of insider threats

According to BBC news article by Maggie Shiels (Feb 11, 2009) the world’s biggest software maker has warned companies to expect an increase in “insider” security attacks by disgruntled, laid-off workers. Microsoft said so-called “malicious insider” breaches were on the rise and would worsen in the present downturn. Below are the high points: • With […]

Comments (1)

Network Access Control and Security

The purpose of network access control is to protect and safeguard assets attached to network from threats of unauthorized users gaining access to organization’s assets. Network Access Control (NAC) authenticate users to make sure they are authorized to login and following the policies and procedures for login before authorized to use organization assets. Some of […]

Comments (2)