N-gated Hacker NewsOct 21
🚨BREAKING: Foreign hackers waltz into a US nuclear weapons plant through a *SharePoint* hole 🚪🔓—because why bother with complex cyber espionage when Microsoft already leaves the door open? 🤦‍♂️ Meanwhile, CSO Online is too busy listing their policies to notice the meltdown. 🔥
https://www.csoonline.com/article/4074962/foreign-hackers-breached-a-us-nuclear-weapons-plant-via-sharepoint-flaws.html #ForeignHackers #SharePoint #Breach #CyberSecurity #NuclearSafety #MicrosoftFlaw #HackerNews #ngated
Foreign hackers breached a US nuclear weapons plant via SharePoint flaws

A foreign actor infiltrated the National Nuclear Security Administration’s Kansas City National Security Campus through vulnerabilities in Microsoft’s SharePoint browser-based app, raising questions about the need to solidify further federal IT/OT security protections.

CSO Online
ITSEC NewsOct 28, 2020
Microsoft’s SMBGhost Flaw Still Haunts 108K Windows Systems - While Microsoft patched the bug known as CVE-2020-0796 back in March, more than one 100,000 Window... https://threatpost.com/microsofts-smbghost-flaw-108k-windows-systems/160682/ #microsoftwindows #vulnerabilities #cve-2020-0796 #microsoftflaw #websecurity #microsoft #smbghost #windows #shodan #patch
Microsoft’s SMBGhost Flaw Still Haunts 108K Windows Systems

While Microsoft patched the bug known as CVE-2020-0796 back in March, more than one 100,000 Windows systems are still vulnerable.

Threatpost - English - Global - threatpost.com
ITSEC NewsSep 15, 2020
Windows Exploit Released For Microsoft ‘Zerologon’ Flaw - Security researchers and U.S. government authorities alike are urging admins to address Microsoft'... https://threatpost.com/windows-exploit-microsoft-zerologon-flaw/159254/ #microsoftaugustpatchtuesday #privilegeescalation #domaincontrollers #vulnerabilities #activedirectory #authentication #proofofconcept #remoteprotocol #cve-2020-1472 #microsoftflaw #activedomain #criticalflaw #patchtuesday #windowsflaw #microsoft #zerologon
Windows Exploit Released For Microsoft ‘Zerologon’ Flaw

Security researchers and U.S. government authorities alike are urging admins to address Microsoft's critical privilege escalation flaw.

Threatpost - English - Global - threatpost.com
ITSEC NewsJul 6, 2020
Purple Fox EK Adds Microsoft Exploits to Arsenal - Two exploits for Microsoft vulnerabilities have been added to the Purple Fox EK, showing ongoing d... more: https://threatpost.com/microsoft-exploits-purple-fox-ek/157157/ #operationwizardopium #microsoftexploit #vulnerabilities #cve-2019-1458 #cve-2020-0674 #microsoftflaw #purplefoxek #exploitkit #microsoft #purplefox #malware #ek
Purple Fox EK Adds Microsoft Exploits to Arsenal

Two exploits for Microsoft vulnerabilities have been added to the Purple Fox EK, showing ongoing development for the exploit kit.

Threatpost - English - Global - threatpost.com
ITSEC NewsApr 7, 2020
Serious Exchange Flaw Still Plagues 350K Servers - The Microsoft Exchange vulnerability was patched in February and has been targeted by several thre... more: https://threatpost.com/serious-exchange-flaw-still-plagues-350k-servers/154548/ #advancedpersistentthreat #microsoftexchange #vulnerabilities #microsoftpatch #microsoftflaw #patchtuesday #microsoft #aptgroup #hacks #patch #apt
Serious Exchange Flaw Still Plagues 350K Servers

The Microsoft Exchange vulnerability was patched in February and has been targeted by several threat groups.

Threatpost - English - Global - threatpost.com
ITSEC NewsMar 9, 2020
Microsoft Exchange Server Flaw Exploited in APT Attacks - A vulnerability is Microsoft Exchange servers is being actively exploited by multiple APT groups, ... more: https://threatpost.com/microsoft-exchange-server-flaw-exploited-in-apt-attacks/153527/ #advancedpersistentthreat #microsoftexchange #microsoftpatch #microsoftflaw #patchtuesday #microsoft #aptgroup #hacks #patch #apt
Microsoft Exchange Server Flaw Exploited in APT Attacks

A vulnerability is Microsoft Exchange servers is being actively exploited by multiple APT groups, researchers warn.

Threatpost - English - Global - threatpost.com