Cybersecurity
The latest Cybersecurity coverage — news, analysis, and updates from the WindowsNews.AI desk.
AuthQuake flaw let attackers brute-force Microsoft 365 MFA on 400M accounts
In December 2024, Oasis Security researchers uncovered a critical vulnerability in Microsoft's Multi-Factor Authentication (MFA) system, known as "AuthQuake." This flaw allowed attackers to bypass...
Amazon Delays Microsoft 365 Rollout Amid Enterprise Security Audit
Amazon has reportedly delayed its company-wide rollout of Microsoft 365, citing cybersecurity concerns as the primary reason. This unexpected move has sent ripples through the tech industry, raising...
Amazon Delays Microsoft 365 Rollout Over Security Concerns: What It Means for Enterprise Users
Amazon has reportedly paused its company-wide rollout of Microsoft 365 due to unresolved security concerns, marking a significant setback in enterprise adoption of Microsoft's flagship productivity...
Exploit kits weaponize CVE-2024-12381; patch Edge now as attacks surge.
A newly discovered critical vulnerability in Chromium (CVE-2024-12381) has put millions of Microsoft Edge users at risk of remote code execution attacks. This zero-day flaw, which affects all...
AuthQuake attack exploits MFA token flaws; Microsoft urges Conditional Access and FIDO2 keys now.
A newly discovered cybersecurity threat named AuthQuake has emerged, capable of bypassing Microsoft's Multi-Factor Authentication (MFA) protections. This sophisticated attack vector poses significant...
Microsoft December 2024 Patch Tuesday: 71 Fixes, 6 Zero-Days, 3 Exploited
Microsoft's December 2024 Patch Tuesday has arrived, addressing a total of 71 vulnerabilities across its product ecosystem, including critical fixes for Windows, Office, and Azure. This month's...
CVE-2024-49071: Critical Windows Defender Vulnerability Puts Systems at Risk
A newly discovered vulnerability in Windows Defender, tracked as CVE-2024-49071, has raised serious concerns among cybersecurity experts. This critical flaw could allow attackers to bypass...
Emergency Patch Required: Microsoft Update Catalog Bug CVE-2024-49147 Enables Remote SYSTEM Access
Microsoft has issued a critical security alert regarding CVE-2024-49147, a dangerous deserialization vulnerability affecting the Microsoft Update Catalog service. This flaw, rated 9.8 on the CVSS...
CISA Issues 10 Critical Advisories for Securing Industrial Control Systems Against Cyber Threats
The Cybersecurity and Infrastructure Security Agency (CISA) has released 10 new advisories addressing critical vulnerabilities in industrial control systems (ICS), marking a significant push to...
Install Apple’s December 2024 Security Updates Now—Critical iOS & macOS Flaws Under Active Attack
Apple has released critical security updates in December 2024 to address vulnerabilities across its ecosystem, including iOS, macOS, and other platforms. These patches come as cybersecurity threats...
CISA Advisory: Critical Siemens SENTRON Powercenter 1000 Vulnerability Exposes Industrial Systems to BLE Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent advisory regarding a critical Bluetooth Low Energy (BLE) vulnerability in Siemens SENTRON Powercenter 1000 devices...