#microsoft

Users with Node Management rights were able to view and edit all nodes due to Insufficient control on URL parameter causing insecure direct object reference (IDOR) vulnerability in SolarWinds Platform 2022.3 and previous.

The new open source specification from Open Compute Project is backed by Google, Nvidia, Microsoft, and AMD.

Many enterprises continue to leave cloud storage buckets exposed despite widely available documentation on how to properly secure them.

Zero trust protects identities, endpoints, applications, networks, infrastructure, and data, and can be implemented in different ways.

By Deeba Ahmed According to researchers, the data included 335,000 emails, 548,000 users, and 133,000 projects. This is a post from HackRead.com Read the original post: Microsoft Exposed 2.4 TB of Business Customer Data in BlueBleed Breach

Behavior functioning as intended, Microsoft reportedly says, and offers mitigation advice instead

Ubuntu Security Notice 5692-1 - David Bouman and Billy Jheng Bing Jhong discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Soenke Huster discovered that an integer overflow vulnerability existed in the WiFi driver stack in the Linux kernel, leading to a buffer overflow. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice 5691-1 - David Bouman and Billy Jheng Bing Jhong discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Soenke Huster discovered that an integer overflow vulnerability existed in the WiFi driver stack in the Linux kernel, leading to a buffer overflow. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.

Categories: News Tags: Microsoft Tags: breach Tags: data Tags: exposed Tags: exposure Tags: endpoint We take a look at word of accidental data exposure leading to a reveal of Microsoft customer data. (Read more...) The post Microsoft breach reveals some customer data appeared first on Malwarebytes Labs.

Categories: News Tags: Venus Ransomware Tags: RDP Tags: remote desktop services Tags: encrypt Tags: fraud Tags: ransom We take a look at reports of Venus ransomware targeting remote desktop services/RDP. (Read more...) The post Venus ransomware targets remote desktop services appeared first on Malwarebytes Labs.