7 matches found
Storm-0324: An access for the RaaS Threat Actor (Sangria Tempest)
Storm-0324 to Sangria Tempest Leads to Ransomware Capabilities By Trellix · October 5, 2023 This blog was written by Gurumoorthi Ramanathan Executive Summary: In early July 2023, the threat actor that Microsoft calls “Storm-0324” was observed sending a phishing message through Microsoft Teams...
Update now! February's Patch Tuesday tackles three zero-days
The Patch Tuesday roundup from Microsoft for February 2023 includes three zero-days. Not exactly what we had in mind for Valentine's Day. Microsoft classifies a vulnerability as a zero-day if it is publicly disclosed or actively exploited with no official fix available. As far as we can tell, onl...
CVE-2023-21715
creationtimestamp| type| source ---|---|--- 2023-02-14 20:51:29+00:00| seen| https://t.me/ctinow/93388 2023-02-14 21:31:23+00:00| exploited| https://t.me/ctinow/93396 2023-02-15 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=970 2023-02-15 18:04:11+00:00| exploited|...
CVE-2023-21715 Microsoft Publisher Security Feature Bypass Vulnerability
...
CVE-2023-21715 Microsoft Publisher Security Feature Bypass Vulnerability
...
CVE-2023-21715
CVE-2023-21715 is a Microsoft Publisher security feature bypass vulnerability affecting Microsoft 365 Apps for Enterprise. Exploitation allows a specially crafted document to bypass macro defenses and run code that would normally be blocked by policy; the attack is described as local with authent...
CVE-2023-21715
Microsoft Publisher Security Feature Bypass Vulnerability Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...