Microsoft has confirmed a Remote Code Execution (RCE) vulnerability in Microsoft Support Diagnostic Tool (MSDT) which is expected to be exploited since April, at least. It was on May 27th, 2022, reports came about malicious word documents that leverages remote templates in order to execute PowerShell via the ms-msdt Office URL scheme. This vulnerability is
Read More
Microsoft released a patch for Windows Local Security Authority (LSA) spoofing recently. This was one among the 74 security flaws reported to be fixed with the new patch, including 7 critical, 66 deemed important and 1 low severity. Windows LSA spoofing vulnerability (CVE-2022-26925) is being wildly exploited. As per Microsoft an unauthorised bad actor will
Read More
Malware that targets AWS Lambda Environments A first-of-its-kind malware that is specifically designed to execute in an AWS Lambda environment has been discovered by Cado labs. Even serverless environments are no longer safe. While the malware’s distribution is limited, the discovery of such malware is evidence of bad actors’ advanced technical skills and their interest
Read More
Everyone might have already known that Microsoft announced a feature Windows Autopatch, which will be released in July 2022. This blog is about this new feature that Microsoft is planning to release.Windows Autopatch is a service mainly designed to update the windows and office automatically. This feature will be available for free for those users
Read More