Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
Description: Elastic Security Labs has identified a new malware family named FinalDraft, that uses Microsoft’s Graph API to communicate through Outlook email drafts, allowing attackers to bypass traditional network monitoring. The malware is part of a sophisticated cyber-espionage campaign and includes a custom loader, a backdoor, and multiple post-exploitation modules targeting a foreign ministry. Elastic Security …
The post New FinalDraft Malware Uses Microsoft Outlook for Espionage appeared first on CyberInsider.
February 12th, 2025 (2 months ago)
|
|
|
Description: This week we discuss a new Microsoft study that finds using generative AI is "atrophying" people's cognition and critical thinking skills, the right's war on Wikipedia, and, in the subscriber's section, the idea of posting against fascism.
February 12th, 2025 (2 months ago)
|
|
|
Description: Microsoft on Tuesday released fixes for 63 security flaws impacting its software products, including two vulnerabilities that it said has come under active exploitation in the wild.
Of the 63 vulnerabilities, three are rated Critical, 57 are rated Important, one is rated Moderate, and two are rated Low in severity. This is aside from the 23 flaws Microsoft addressed in its Chromium-based Edge
February 12th, 2025 (2 months ago)
|
|
|
February 12th, 2025 (2 months ago)
|
|
|
🚨 Marked as known exploited on April 10th, 2025 (10 days ago).
Description: Microsoft has released its February 2025 Patch Tuesday update, addressing 55 security vulnerabilities, including two actively exploited zero-day flaws. The update includes fixes for elevation of privilege vulnerabilities in Windows Storage and the Windows Ancillary Function Driver for WinSock, which have been detected in real-world attacks. Zero-days under active exploitation Among the most critical fixes …
The post Microsoft February 2025 Patch Tuesday Fixes Two Zero-Day Flaws appeared first on CyberInsider.
February 11th, 2025 (2 months ago)
|
|
|
Description: Microsoft has released its monthly security update for January of 2025 which includes 58 vulnerabilities, including 3 that Microsoft marked as “critical” and one marked as "moderate". The remaining vulnerabilities listed are classified as “important.”
February 11th, 2025 (2 months ago)
|
|
|
Description: Microsoft has released the KB5051974 cumulative update for Windows 10 22H2 and Windows 10 21H2, which automatically installs the new Outlook for Windows app and fixes a memory leak bug. [...]
February 11th, 2025 (2 months ago)
|
|
|
Description: Microsoft has released Windows 11 KB5051987 and KB5051989 cumulative updates for versions 24H2 and 23H2 to fix security vulnerabilities and issues. [...]
February 11th, 2025 (2 months ago)
|
|
|
🚨 Marked as known exploited on April 10th, 2025 (10 days ago).
Description: Today is Microsoft's February 2025 Patch Tuesday, which includes security updates for 55 flaws, including four zero-day vulnerabilities, with two actively exploited in attacks. [...]
February 11th, 2025 (2 months ago)
|
|
|
Description: The Sandworm Russian military cyber-espionage group is targeting Windows users in Ukraine with trojanized Microsoft Key Management Service (KMS) activators and fake Windows updates. [...]
February 11th, 2025 (2 months ago)
|