Cybersecurity researchers from Kaspersky recently discovered a brand new IIS module, designed to steal credentials that victims type in when logging into their Outlook Web Access (OWA) accounts. They dubbed the new module backdoor SessionManager, and claim it’s persistent, resistant to updates and stealthy. By leveraging SessionManager, Kaspersky further claims, threat actors can get access […]
The bug that caused a number of New Year’s Eve emails to get stuck in a queue has finally been fixed, Microsoft says. The bug prevented emails for on-prem Microsoft Exchange servers to be delivered, due to an error with the dates. As reported by BleepingComputer, early investigation into the bug discovered that Microsoft Exchange […]
In a year bookended by the late-2020 SolarWinds supply chain attack and the widespread Log4j vulnerability, security teams have consistently juggled and prioritized an ongoing wave of threats. And between those, they have a monthly Patch Tuesday update to contend with. While Microsoft patched fewer vulnerabilities in 2021 than in 2020, the company fixed 883 […]
Latest Comments