Lucene search
K

7 matches found

Microsoft Secure
Microsoft Secure
added 2024/05/30 5:0 p.m.23 views

Exposed and vulnerable: Recent attacks highlight critical need to protect internet-exposed OT devices

Since late 2023, Microsoft has observed an increase in reports of attacks focusing on internet-exposed, poorly secured operational technology OT devices. Internet-exposed OT equipment in water and wastewater systems WWS in the US were targeted in multiple attacks over the past months by different...

9.8CVSS7.2AI score0.02089EPSS
Exploits0
Microsoft Secure
Microsoft Secure
added 2022/08/25 4:0 p.m.253 views

MERCURY leveraging Log4j 2 vulnerabilities in unpatched systems to target Israeli organizations

In recent weeks, the Microsoft Threat Intelligence Center MSTIC and Microsoft 365 Defender Research Team detected Iran-based threat actor MERCURY leveraging exploitation of Log4j 2 vulnerabilities in SysAid applications against organizations all located in Israel. MSTIC assesses with high...

9.3CVSS0.5AI score0.99999EPSS
Exploits353
The Hacker News
The Hacker News
added 2021/01/19 3:4 p.m.37 views

Researchers Discover Raindrop — 4th Malware Linked to the SolarWinds Attack

Cybersecurity researchers have unearthed a fourth new malware strain—designed to spread the malware onto other computers in victims' networks—which was deployed as part of the SolarWinds supply chain attack disclosed late last year. Dubbed "Raindrop" by Broadcom-owned Symantec, the malware joins...

0.3AI score
Exploits0
OSV
OSV
added 2019/05/16 7:29 p.m.5 views

CVE-2019-0819

An information disclosure vulnerability exists in Microsoft SQL Server Analysis Services when it improperly enforces metadata permissions, aka 'Microsoft SQL Server Analysis Services Information Disclosure Vulnerability'...

6.5CVSS6.6AI score0.05373EPSS
Exploits0References1
OSV
OSV
added 2017/08/08 9:29 p.m.2 views

CVE-2017-8516

Microsoft SQL Server Analysis Services in Microsoft SQL Server 2012, Microsoft SQL Server 2014, and Microsoft SQL Server 2016 allows an information disclosure vulnerability when it improperly enforces permissions, aka "Microsoft SQL Server Analysis Services Information Disclosure Vulnerability"...

7.5CVSS5.8AI score0.08041EPSS
Exploits0References3
ThreatPost
ThreatPost
added 2017/03/28 5:12 p.m.67 views

Microsoft Offers Analysis of Zero-Day Exploited By Zirconium Group

Microsoft has released technical details on a zero-day vulnerability being exploited by a little-known APT group known as Zirconium. According to the company the vulnerability CVE-2017-0005 affects mostly older versions of Windows and can allow an adversary to execute remote code if a user either...

6.9CVSS0.1AI score0.821EPSS
Exploits2References6
ThreatPost
ThreatPost
added 2011/04/13 4:13 p.m.36 views

Analysis of the New Adobe Flash Attacks

When Adobe warned customers earlier this week about a newly discovered vulnerability in the Flash Player software, company officials said that there were already attacks underway against the bug. Those attacks are using malicious Flash files buried in Word documents and Microsoft’s security...

9.3CVSS0.3AI score0.9941EPSS
Exploits14References4
Rows per page
Query Builder