privileged access

Microsoft’s August Patch Tuesday delivered a heavy-duty security package this month — industry tallies vary between 107 and 111 vulnerabilities, including a publicly disclosed Kerberos elevation-of-privilege issue (CVE‑2025‑53779) and roughly a dozen other critical remote‑code‑execution (RCE)...

Title: Urgent: CVE-2025-53793 — Azure Stack Hub “Improper Authentication” Information Disclosure (what admins need to know and do) Lede Microsoft has published an advisory for CVE-2025-53793 describing an “improper authentication” vulnerability in Azure Stack Hub that can allow an...

Microsoft’s Security Response Center has published an advisory for CVE-2025-53765 describing an information disclosure vulnerability in Azure Stack Hub that can allow an authorized local actor to disclose private personal information; Microsoft’s advisory notes the issue specifically affects...

Windows Hello, long touted as the seamless and secure future of biometric login for Windows users, now finds itself under intense scrutiny following a dramatic live demonstration at this year’s Black Hat security conference in Las Vegas. Two German researchers unveiled a critical vulnerability...

Disaster recovery in the Microsoft 365 universe often conjures images of cloud-to-cloud backups, tiered failover architectures, and storage redundancy. But for experts with decades in the trenches, data durability starts much closer to home—with identity itself. As John O’Neill Sr. and Dave...

When considering disaster resilience for Microsoft 365, the discussion often revolves around infrastructure, backup, and failover. However, insight from leading industry experts reveals a more foundational vulnerability—identity. At a pivotal summit hosted by Virtualization & Cloud Review, IT...

A pivotal security development has emerged from the world of enterprise identity management: a critical flaw has been identified in delegated Managed Service Accounts (dMSA) within Windows Server 2025. This vulnerability, discovered and named the “Golden dMSA” attack by Semperis security...

In July 2025, a significant security vulnerability, identified as CVE-2025-48803, was disclosed, affecting Windows systems utilizing Virtualization-Based Security (VBS). This flaw allows authorized attackers to elevate their privileges locally due to a missing integrity check within the VBS...

Microsoft 365 has become the digital heart of modern organizations, supporting operations that range from email and file storage to real-time collaboration and regulatory compliance. Despite its reputation for robust security and the billions of dollars Microsoft invests in cybersecurity...

Here's what is known based on your provided information: CVE-2025-32712: Win32k Elevation of Privilege Vulnerability Type: Elevation of Privilege (EoP) Component: Win32K (GRFX) Attack Method: Use-after-free vulnerability, potentially allowing an authorized local attacker to elevate privileges...

The digital backbone of enterprise identity and access management, Active Directory (AD), stands atop the list of cybercriminal targets—and for good reason. High-profile breaches and security advisories throughout the past year only underscore how often attackers exploit AD misconfigurations...

In a newly issued advisory, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has put multinational enterprises and IT professionals on high alert following a series of attacks specifically targeting Commvault’s Microsoft Azure-hosted environment. This warning, published just as...

There are ghosts in the machine, not of the poetic variety but of the unmonitored, high-privilege, code-running kind—scripts and scheduled tasks installed years ago by sysadmins who have long since left the company. These “dead man’s scripts” aren’t mere relics of the past; they represent a...

The evolution of service account security within enterprise Windows environments has seen major innovation with the introduction of Delegated Managed Service Accounts (dMSAs), particularly in Windows Server 2025. Promoted as an important cornerstone for automating credential management and...

Microsoft's security landscape has reached a new milestone, with the BeyondTrust 2025 Microsoft Vulnerabilities Report documenting a record 1,360 vulnerabilities in 2024—a significant 11% increase from the previous peak in 2022. Key Findings from the 2025 Report: Elevation of Privilege (EoP)...

An explosive whistleblower disclosure has thrust the Department of Government Efficiency (DOGE) into the center of one of the most alarming U.S. government cybersecurity controversies in recent memory. According to a meticulously documented report by Daniel Berulis, an experienced DevSecOps...

As the manufacturing sector races ahead in its digital transformation, the intersection of IoT, OT, and security comes sharply into focus. Today, the digital thread runs deep in factories, weaving intelligent automation, connected sensors, and remote operations into a unified tapestry that...

Feeling nostalgic for those halcyon days when logging into your enterprise apps felt optional? Well, savor the memory—Microsoft just flipped the script. In its ongoing tug-of-war with shadowy cyber villains, the tech giant has unleashed the “Reauthentication Every Time Policy” for Entra ID, an...

I have been struggling with this for some time... At our company, like I assume at every enterprise, management believe that we (they) have implemented "least privilege principle", i.e. every software and every user has only those rights and privileges that are really needed for the task to be...

Original release date: December 17, 2020 Summary This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) version 8 framework. See the ATT&CK for Enterprise version 8 for all referenced threat actor tactics and techniques. The Cybersecurity and Infrastructure...