A flaw in the way Microsoft Azure Active Directory (AD) Connect configures the AD synchronisation account in Office 365 hybrid installations, creates stealthy admins in the user group by default.
The European Commission has said it will file an amicus brief with the US Supreme Court in the US versus Microsoft case on behalf of the European Union (EU).
Researchers believe a suspected Iranian APT group is responsible for a recent cyber-espionage operation that targeted a Middle Eastern government organisation.
Researchers from Zscaler's ThreatLabZ division on Friday released an analysis report on two relatively new open-source ransomware programs, Bugware and Vortex, after tracking recent spam campaigns pushing the strains.
Cisco released patches for multiple vulnerabilities in its WebEx Recording Format and Advanced Recoding Format Players to address vulnerabilities.
Cobalt malware was documented exploiting the 17-year-old CVE-2017-11882 vulnerability via spam just a few days after researchers noted a similar spam campaign exploiting an RTF documents.
Microsoft's November Patch Tuesday rollout included patches 53 flaws, 20 rated critical, spread across a variety of products, including Edge, Internet Explorer, Windows and Office.
Microsoft is claiming that the latest version of Windows 10, the Fall Creator's Update, is the most secure version of the operating system yet released.
In 2013 Microsoft discovered that hackers had breached the secret internal database it uses to track vulnerabilities, it then quietly upped its security, segmenting the database from its network and compelling two-factor authentication.
Microsoft's October Patch Tuesday release covered a wide spectrum of problems with the majority possibly resulting in remote code execution (RCE) and CVE-2017-11826 being publicly disclosed and actively exploited.
Patch Tuesday security updates includes a fix for a zero-day flaw found in the wild and used to target Russian speakers along with the details on the BlueBorne vulnerability that potentially impacts five billion Bluetooth devices.
A programming error in the Microsoft Windows kernel might inhibit security software vendors and kernel developers from properly identifying modules loaded during runtime.
It has been reported that a free online translation tool Translate.com which uses machine translation service Microsoft Translator, has suffered a major data breach, but the company has denied that it is a breach.
Malware distributors are now maliciously crafting PowerPoint Open XML Slide Show (PPSX) files to take advantage of a Microsoft Office vulnerability.
Microsoft had a busy month patching flaws with nearly 50 security issues fixed, many of which have a severity rating of critical" or "important" with remote code execution vulnerabilities.
Microsoft has patched a memory corruption vulnerability and an information disclosure vulnerability in Microsoft Office Outlook.
Microsoft confirms leak, raises security concerns that a range of new attacks created around USB storage devices and new man-in-the-middle techniques could arise
Microsoft is to remove SMB1 server software, which was used by the NSA and later exploited by the hackers behind the recent Wannacry outbreak.
The admission from Microsoft comes as Kaspersky Lab is suing the company for antitrust violations.
A file-transfer mechanism that Microsoft describes as a feature rather than a bug is being exploited by the Platinum hacking group on targeted machines in south east Asia.
Security researchers show how latest Microsoft operating system could have been infected by ransomware
When security researcher Tavis Ormandy revealed a vulnerability in Microsoft's Malware Protection Engine, he published proof-of-concept code and earned himself a rebuke from Graham Cluley.
Malwarebytes reports recent zero-days among Shadowbrokers hacking tools and code analysis appears to confirm earlier reported NSA origins.
Hackers are said to be rushing to develop exploits as Microsoft says it won't patch flaw in Internet Information Services (IIS) 6.0 on Windows Server 2003.
The software giant claims Genasom and Locky took second and third place for attacking Windows 10 Enterprise boxes with about 1000 infections each.
Microsoft patches configuration hole that allowed hackers to upload software packages to its Azure update infrastructure.
ISSE 2016 kicked off this morning, gathering IT professionals from around Europe to discuss the future of identity and authentication within security
The Russian Federal Antimonopoly Service has launched a probe into Microsoft after Eugene Kaspersky made a number of accusations about Windows 10.