Aurich Lawson / Getty reader comments 52 with 38 posters participating Share this story A small retail business in North Africa, a North American telecommunications provider, and two separate religious organizations: What do they have in common? They’re all running poorly configured Microsoft servers that for months or years have been spraying the Internet with… Read More »
reader comments 20 with 16 posters participating Share this story A public proof-of-concept (PoC) exploit has been released for the Microsoft Azure Active Directory credentials brute-forcing flaw discovered by Secureworks and first reported by Ars. The exploit enables anyone to perform both username enumeration and password brute-forcing on vulnerable Azure servers. Although Microsoft had initially… Read More »
reader comments 8 with 8 posters participating Share this story Imagine having unlimited attempts to guess someone’s username and password without getting caught. That would make an ideal scenario for a stealthy threat actor—leaving server admins with little to no visibility into the attacker’s actions, let alone the possibility of blocking them. A newly discovered… Read More »
Getty Images reader comments 12 with 8 posters participating Share this story One of the most critical Windows vulnerabilities disclosed this year is under active attack by hackers who are trying to backdoor servers that store credentials for every user and administrative account on a network, a researcher said on Friday. Zerologon, as the vulnerability… Read More »