Security Bulletin

The RCE vulnerability was leveraged in ransomware attacks targeting Indian banks.

Outlook, Teams, PowerPoint, OneNote, Excel, and Word undermine macOS's strict user permission-based privacy and security protections.

Multifactor authentication enforcement for Azure portal, Microsoft Entrata admin center, and Intune admin center will begin October.

Security pros say the flaws in six apps for macOS could let attackers take over cameras, microphones and screen recordings.

For MSPs, choosing the right network platform is crucial for several notable reasons. The ideal solution should be operationally efficient, reducing the complexity and costs of managing multiple individualized networks.

What is a Verizon Wireless demo store app doing on non-Verizon phones, and why is it a vehicle to an attacker?

Cyber incidents like this highlight the need for tougher action on companies that fail to adequately protect consumer data.

Organizations have been warned by the Cybersecurity and Infrastructure Security Agency regarding ongoing intrusions targeting SolarWinds Web Help Desk instances vulnerable to the critical Java deserialization flaw, tracked as CVE-2024-28986.

While admins could defer MFA enforcement until April 2025 as long as they request to do so between Aug. 15 and Oct. 15, Microsoft warned that such postponement would open admin portals to increased cybersecurity risks.

Information leaked by the misconfigured database included not only individuals' names, birthdates, addresses, and phone numbers, but also their credit amounts, places of payments, and credit utilization data, reported the Cybernews research team.

Investigation into the incident revealed that G-Suite account infiltration was accompanied by discrepancies in corporate accounts, especially among accounting department employees and contractors, and potential access to corporate managers' accounts...