Tag: Microsoft

ESET Research discovers ESPecter, a bootkit for cyberespionage

October 6, 2021

ESET researchers have discovered a previously undocumented real-world UEFI bootkit that persists on the EFI System Partition (ESP). The bootkit, which ESET has named ESPecter, can bypass Windows Driver Signature Enforcement to load its own unsigned driver, which facilitates its espionage activities. ESPecter is the second discovery of a UEFI bootkit persisting on the ESP … More ESET Research discovers ESPecter, a bootkit for cyberespionage

Microsoft Patch Tuesday fixes actively exploited zero‑day and 85 other flaws

September 17, 2021

The most recent Patch Tuesday includes a fix for the previously disclosed and actively exploited remote code execution flaw in MSHTML. The arrival of the second Tuesday of the month can only mean one thing in cybersecurity terms, Microsoft is rolling out patches for security vulnerabilities in Windows and its other offerings. This time round Microsoft’s … More Microsoft Patch Tuesday fixes actively exploited zero‑day and 85 other flaws

Microsoft Power Apps misconfiguration exposes millions of records

August 25, 2021

The caches of data that were publicly accessible included names, email addresses and social security numbers. A total of 38 million records stored across hundreds of Microsoft Power Apps portals have been found sitting unprotected on the internet. The treasure trove of data included a variety of personally identifiable information (PII) ranging from names and … More Microsoft Power Apps misconfiguration exposes millions of records

Microsoft Patch Tuesday fixes 13 critical flaws, including 4 under active attack

July 16, 2021

The latest Patch Tuesday brings a new batch of security updates addressing a total of 117 vulnerabilities. The second Tuesday of the month is here, which means that Microsoft has rolled out patches for security vulnerabilities in Windows and its other products as part of its monthly Patch Tuesday bundle. This month’s batch of security updates brings … More Microsoft Patch Tuesday fixes 13 critical flaws, including 4 under active attack

The hybrid workplace: What does it mean for cybersecurity?

July 13, 2021

How can organizations mitigate the risk of damaging cyberattacks while juggling the constantly changing mix of office and off-site workers? The pandemic may finally be receding, but remote working is very much here to stay. The model that appears to be gaining most traction is a hybrid one, where most staff are allowed to spend … More The hybrid workplace: What does it mean for cybersecurity?