How Data Landlords Put Their Tenants at Risk

Microsoft is a global leader in cloud storage and data protection. They prove that even the most respected cloud databases offer weak security. Today’s microservice architecture is highly dependent on…

MyEasyDocs Exposed 30GB of Israeli and Indian Students PII Data

MyEasyDocs is a Chennai, India based online documents verification platform whose Microsoft Azure server exposed data of over 57,000 students. The team of IT security researchers at vpnMentor led by…

Penetration Testing Azure: The User-Friendly Guide

Microsoft Azure is a cloud platform that offers a wide range of services to its users. It’s used by organizations all around the world for a variety of reasons. However,…

Microsoft Azure customer hit by largest ever 3.47 Tbps DDoS attack

Microsoft says it mitigated a DDoS attack that lasted approximately 15 minutes against one of its Azure customers in Asia. A Microsoft Azure cloud computing customer in Asia was a…

Patch Tuesday December 2021 – Microsoft Fixes 67 Flaws, Including 6 Zero-Day Vulnerabilities

December’s Patch Tuesday comes with numerous security fixes and improvements, including two actively exploited zero-day vulnerabilities. The list features spoofing, denial of service, remote code execution, elevation of privilege, and…

Actively Exploited Microsoft Zero-Day Allows App Spoofing, Malware Delivery

December’s Patch Tuesday updates address six publicly known bugs and seven critical security vulnerabilities. Microsoft has addressed a zero-day vulnerability that was exploited in the wild to deliver Emotet, Trickbot…

Log4j flaw puts hundreds of millions of devices at risk, says US cybersecurity agency

Top US government cybersecurity officials fear advanced hackers will have a field day with the Log4j vulnerability that’s likely present in hundreds of millions of devices.  Security experts are already seeing…

Log4j zero-day flaw: What you need to know and how to protect yourself

A flaw in Log4j, a Java library for logging error messages in applications, is the most high-profile security vulnerability on the internet right now and comes with a severity score…

Log4j Critical Vulnerability (CVE-2021-44228): Practical Tips to Protect Your Organisation

What’s going on? Log4j is commonly used in Java applications of all shapes and sizes. Versions up to 2.15.0 have a critical vulnerability which is being actively exploited. Attackers are…

AWS Among 12 Cloud Services Affected by Flaws in Eltima SDK

Researchers have found a number of high-security vulnerabilities in third-party driver software – bugs that originated in a library created by network virtualization firm Eltima – that leave about a…