Tag Search: MSRC alerts
Posted on Wednesday February 10, 2021 | MSRC alerts
Wondering how to get into the 2021 MSRC Most Valuable Security Researcher list and get recognized during the Black Hat USA this August? Read on to learn more about the different paths you can take to get into the top researcher tiers. The MSRC Most Valuable Security Researcher (MVR) and MSRC Contributor are tiers in...
Posted on Tuesday February 09, 2021 | MSRC alerts
Based on user feedback we have simplified programmatic access to the security update data by removing the authentication and API-Key requirements when using the CVRF API. You will no longer have to log in to obtain a personal API key to access the data. We're happy to make this valuable public information more freely available...
Posted on Tuesday February 09, 2021 | MSRC alerts
Today Microsoft released a set of fixes affecting Windows TCP/IP implementation that include two Critical Remote Code Execution (RCE) vulnerabilities (CVE-2021-24074, CVE-2021-24094) and an Important Denial of Service (DoS) vulnerability (CVE-2021-24086). The two RCE vulnerabilities are complex which make it difficult to create functional exploits, so they are not likely in the short term. We believe attackers will be able to create DoS exploits much more quickly and expect all three issues might be exploited with a DoS attack shortly after release. Thus, we recommend customers move...
Posted on Monday February 01, 2021 | MSRC alerts
The Report Abuse (CERT) Portal and Report Abuse API have played a significant role in MSRC's response to suspected cyberattacks, privacy issues, and abuse originating from Microsoft Online Services. With the contributions from our wonderful community of reporters, we continue to gain insightful perspectives into the various types of attacks that threaten our online services, our cloud, and our customers. To further commit to MSRC's mission of responding to and defending against these types of security incidents, our team has...
Posted on Thursday January 21, 2021 | MSRC alerts
Alongside our industry partners and the security community, Microsoft continues to investigate the extent of the recent nation-state attack on SolarWinds. Our goal is to provide the latest threat intelligence, Indicators of Compromise (IOC)s, and guidance across our products and solutions to help the community respond, harden infrastructure, and begin to recover from this unprecedented attack. As new information becomes available, we will make updates to this article at...
Posted on Friday January 15, 2021 | MSRC alerts
Microsoft addressed a Critical RCE vulnerability affecting the Netlogon protocol (CVE-2020-1472) on August 11, 2020. We are reminding our customers that beginning with the February 9, 2021 Security Update release we will be enabling Domain Controller enforcement mode by default. This will block vulnerable connections from non-compliant devices. DC enforcement mode requires that all Windows and non-Windows devices use secure RPC with Netlogon secure channel unless customers have explicitly allowed the account to be vulnerable by adding an exception for the...
Phone: +1-989-776-2080
Toll Free: +1-855-674-2968
Email: info (at) netservicesgroup dot com
DUNS 155892800
SPIN 143027933
100% Michigan
NSG is owned & operated, offering enterprise-level IT service & support, right in your own back yard.