Microsoft Exchange Server Vulnerability Could Allow Privileged Escalation
Microsoft Exchange Server elevated privilege vulnerability may enable remote attackers exploiting the flaw to take administrative control of an exposed system, the company warns.
Microsoft Issues BlackCat Ransomware Warning: What MSSPs Need to Know
The Microsoft 365 Defender Threat Intelligence Team identifies two incidents in which hackers deployed BlackCat ransomware without admin privileges.
Alleged Iran-linked Cyber Attacker Exploiting Log4j Vulnerability in VMware Horizon Service
TunnelVision ransomware group actively exploits Log4j vulnerability & VMware Horizon’s virtual desktop platform, SentinelOne research alleges.
Microsoft Pursuing Mandiant Acquisition?
Microsoft may be striving to acquire Mandiant, the incident response and XDR cybersecurity company that recently split from FireEye, a report indicates.
Biggest MSP Takeaways From The Apache Log4j Vulnerability
Patching alone isn’t the solution to the Apache Log4j vulnerability. Sophos explains how MSPs can mitigate the Log4j and Log4Shell security risks.
Hackers Exploiting Microsoft Exchange Server Vulnerabilities in Enterprise Phishing Campaigns
Hackers exploited recently disclosed Microsoft Exchange Server vulnerabilities to attack enterprise networks & distribute phishing emails both internally & externally, Cybereason research revealed.
Microsoft Disrupts Alleged China-Based Hacking Group Called Nickel
Nickel group hacked unpatched Microsoft Exchange & SharePoint servers, and targeted organizations across 29 countries, Microsoft alleged.
IT Service Provider Cyberattacks Represent Revolutionary Change, Microsoft Says
China, Iran, North Korea & Russia-led cyberattacks vs IT service providers to exploit victims downstream represents a “revolutionary change” in tactics, Microsoft asserts.
Microsoft Azure Cosmos Database Vulnerability: ChaosDB Exposure Details
Microsoft fixes ChaosDB, a critical Azure Cosmos database vulnerability. MSSPs should alert Azure Cosmos customers about next security step.