| Security Research News |
| Showing 'Security Research News' from 71 to 80|
| |Hunting COM Objects (Part Two) BackgroundAs a follow up to PartOne in this blog series on COM object hunting, this post willtalk about taking the COM object hunting methodology deeper by lookingat interesting COM object methods exposed in properties andsub-properties...
| |4 Best Practices To Help You Integrate Security Into DevOps Learn how Microsoft evolved its culture, teams, and practices to integrate security into an agile development process that supports a cloud-based world.
The post 4 best practices to help you integrate security into DevOps appeared first...
| |Cyberattack Exposes Travelers’ Photos, Says US Border Agency The images, collected over one and a half months, were taken as the travelers crossed an unspecified border point
The post Cyberattack exposes travelers’ photos, says US border agency appeared first on WeLiveSecurity
| |Advancing Windows 10 As A Passwordless Platform With the latest update, users can add passwordless phone number accounts to Windows, sign in for the first time with the Microsoft Authenticator app, and more.
The post Advancing Windows 10 as a passwordless platform appeared first on Microsoft...
| |MuddyWater Resurfaces, Uses Multi-Stage Backdoor POWERSTATS V3 And New Post-Exploitation Tools We found new campaigns that appear to wear the badge of MuddyWater. Analysis of these campaigns revealed the use of new tools and payloads, which indicates that the well-known threat actor group is continuously developing their schemes....
| |CVE-2019-2725 Exploited And Certificate Files Used For Obfuscation To Deliver Monero Miner We found cryptocurrency-mining activity that involves the exploitation of the Oracle WebLogic server vulnerability CVE-2019-2725 with the interesting behavior of using certificate files as an obfuscation tactic.
The post CVE-2019-2725 Exploited...
| |Critical Bug Found In Popular Mail Server Software If exploited, the security hole in unpatched versions of Exim could allow attackers to run arbitrary commands on vulnerable mail servers
The post Critical bug found in popular mail server software appeared first on WeLiveSecurity
| |Lessons Learned From The Microsoft SOC Part 2b: Career Paths And Readiness In our second post about people—our most valuable resource in the SOC—we talk about our investments into readiness programs, career paths, and recruiting for success.
The post Lessons learned from the Microsoft SOC Part 2b: Career paths...
| |NSA Joins Chorus Urging Users To Patch ‘BlueKeep’ The alert comes on the heels of Microsoft’s second advisory calling on people to take action before it’s too late
The post NSA joins chorus urging users to patch ‘BlueKeep’ appeared first on WeLiveSecurity
| |Government Sector In Central Asia Targeted With New HAWKBALL Backdoor
Delivered Via Microsoft Office Vulnerabilities FireEye Labs recently observed an attack against the governmentsector in Central Asia. The attack involved the new HAWKBALL backdoorbeing delivered via well-known Microsoft Office vulnerabilitiesCVE-2017-11882 and CVE-2018-0802.HAWKBALL...
| « Newer 3 4 5 6 7 8 9 10 11 12 Older » |