The tech giant is boosting Entra ID and MSA security as part of the wide-ranging Secure Future Initiative (SFI) that the company launched following a Chinese APT’s breach of its Exchange Online environment in 2023.
Автор: Jai Vijayan, Contributing Writer
‘Fog’ Hackers Troll Victims With DOGE Ransom Notes
Since January, threat actors distributing the malware have notched up more than 100 victims.
Multiple Groups Exploit NTLM Flaw in Microsoft Windows
The attacks have been going on since shortly after Microsoft patched the vulnerability in March.
Max Severity Bug in Apache Roller Enabled Persistent Access
The remediated flaw gave adversaries a way to maintain access to the app through password resets.
AI Code Tools Widely Hallucinate Packages
The hallucination problem is not just pervasive, it is persistent as well, according to new research.
AI Code Tools Widely Hallucinate Packages
The hallucination problem is not just pervasive, it is persistent as well, according to new research.
Oracle Appears to Admit Breach of 2 ‘Obsolete’ Servers
The database company said its Oracle Cloud Infrastructure (OCI) was not involved in the breach. And at least one law firm seeking damages is already on the case.
Microsoft Drops Another Massive Patch Update
A threat actor has already exploited one of the flaws in a ransomware campaign with victims in the US and other countries.
ToddyCat APT Targets ESET Bug to Load Silent Malware
Researchers found the threat actor attempting to use the now-patched flaw to load and execute a malicious dynamic link library on infected systems.
China-Linked Threat Group Exploits Ivanti Bug
The vendor had originally assessed the flaw as low risk but now says it is a critical issue that enables remote code execution.