Latest Microsoft Patch -How Important is it?

The Microsoft Security Response Center just released the following Microsoft Mitigates Outlook Elevation of Privilege Vulnerability Microsoft has developed a script to see if you are already infected by hackers:  https://microsoft.github.io/CSS-Exchange/Security/CVE-2023-23397/ The script can run on Exchange server or on Azure based mailboxes(AzureEnvironmentName, AzureADEndpoint, EWSOnlineURL, and EWSOnlineScope can be left as default). This is a … Read more

Password Managers Hacked: Passwordstate and Lastpass

Passwordstate security failure was worse than Lastpass – but any entity can be hacked or have a cybersecurity failure. Looking into the specifics Passwordstate issue is discussed in portswigger website.   “Passwordstate was subject to scrutiny by Swiss security consultancy modzero AG following a customer request to check the password manager’s security. Modzero researchers Constantin … Read more

OpenSSL fix NOT Critical but High vul

So the latest OpenSSL version in the 3.0 release has a fix which is version 3.0.7 which will address a critical vulnerability in the 3.x versions.  (so if you are using 2.x you are ok for now).  OpenSSL is the open source implementation of SSL and TLS secure communication protocols. MalwareBytes Blog had a post … Read more

What Happens When MFA is Hacked? Phishing is Accurate & Effective

We learned  that MFA or 2FA (Multi or Two factor Authentication) is better than just a username and password to authenticate as all security people keep drumming into everyone right? Just to review MFA is a second form if authentication where the first form is a username and password. The second form can be a … Read more