Microsoft releases emergency update to fix two serious Windows flaws

The out-of-band update plugs two remote code execution bugs in the Windows Codecs library, including one rated as critical. Microsoft on Tuesday released emergency security patches to plug a pair of serious vulnerabilities in its Windows Codecs library that impact several Windows 10 and Windows Server versions. Indexed as CVE-2020-1425 and CVE-2020-1457, the two remote-code execution (RCE) flaws … More Microsoft releases emergency update to fix two serious Windows flaws

Steady stream of scams, hoaxes and phishing emails in Irish mailboxes

While this time around we can’t report any particularly original or funny scams sticking out, the Irish mailboxes are nevertheless under constant attack. ESET Ireland takes a closer look at the two most common ones encountered in recent weeks. The “Parcel Delivery” Scam The Irish media already covered the “DPD phishing scam”, that was also … More Steady stream of scams, hoaxes and phishing emails in Irish mailboxes

Microsoft fixes vulnerability affecting all Windows versions since 1996

Another vulnerability in the same Windows component was abused by Stuxnet a decade ago. A vulnerability in a decades-old Windows component that controls printing on machines running the operating system could be abused by malicious actors to gain elevated privileges on the targeted system, according to security researchers Yarden Shafir and Alex Ionescu. The flaw, which … More Microsoft fixes vulnerability affecting all Windows versions since 1996

Exploit kits: What are they and what is an exploit blocker?

What are exploit kits? Unwary internet users may not realize that in the course of normal browsing they can be exposed to malicious exploit kits that lurk on some websites. Exploit kits consist of malicious code to exploit one or more potential vulnerabilities in common web browsing and document viewing software. More sophisticated exploit kits … More Exploit kits: What are they and what is an exploit blocker?

Microsoft: 99.9 percent of hacked accounts didn’t use MFA

Only 11 percent of all enterprise accounts have multi-factor authentication enabled. More than 99.9 percent of Microsoft enterprise accounts that get invaded by attackers didn’t use multi-factor authentication (MFA). This stark, though not entirely surprising, finding comes from a presentation that Alex Weinert, the tech giant’s Director of Identity Security, delivered at the RSA 2020 security … More Microsoft: 99.9 percent of hacked accounts didn’t use MFA