risk management

Original release date: May 11, 2016 Systems Affected Outdated or misconfigured SAP systems Overview At least 36 organizations worldwide are affected by an SAP vulnerability Link Removed. Security researchers from Onapsis discovered indicators of exploitation against these organizations’ SAP...

Severity Rating: Critical Revision Note: V1.0 (August 11, 2015): Bulletin published. Summary: This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An...

I recently made a support call to what I thought was HP customer support. The rep that answered tried to convince me I had a virus in my hard drive and that I needed to purchase Microsoft Forefront Security Service. At this point I ended the call, however I did foolishly allow the rep to access...

Original release date: July 31, 2014 Systems Affected Point-of-Sale Systems Overview This advisory was prepared in collaboration with the National Cybersecurity and Communications Integration Center (NCCIC), United States Secret Service (USSS), Financial Sector Information Sharing and...

It is often said that attackers have an advantage, because the defenders have to protect every part of their systems all the time, while the attacker only has to find one way in. This argument oversimplifies the security landscape and the real strength that defenders can achieve if they work...

Severity Rating: Important Revision Note: V1.0 (November 12, 2013): Bulletin published. Summary: This security update resolves a publicly disclosed vulnerability in Microsoft Outlook. The vulnerability could allow information disclosure if a user opens or previews a specially crafted email...

Hello I keep getting a reminder that protected mode is on and to click to disable it if I want. it pops up in my Outlook.com and some other sites. I can see in internet options under advanced where I can uncheck it but the increase risk is a concern. It also appears under MSIE 11 'security' both...

Today we released Security Advisory 2896666 regarding an issue that affects customers using Microsoft Windows Vista and Windows Server 2008, Microsoft Office 2003 through 2010, and all supported versions of Microsoft Lync. We are aware of targeted attacks, largely in the Middle East and South...

Today, we are releasing 10 bulletins, addressing 33 vulnerabilities in Microsoft products. Before we get into the details, we wanted to first let our enterprise customers know about a change in how we’re communicating technical details within our security advisories. Starting today...

Severity Rating: Important Revision Note: V1.0 (September 11, 2012): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Visual Studio Team Foundation Server. The vulnerability could allow elevation of privilege if a user clicks...

Today, we published Security Advisory 2743314, which provides guidance that will help protect customers from a technique that could allow a man-in-the middle attack to obtain a user’s domain credentials when VPN is configured to use PPTP and MSCHAPv2. Customers concerned with this...

Before we dive into the July security updates, let’s change up the normal order and take a look at the two Security Advisories we are releasing today. One takes an exciting step into the future, while the other prepares us to take an equally important step away from the past. Security...

As a part of the Industry Consortium for Advancement of Security on the Internet (ICASI), Microsoft is pleased to present an initial set of monthly security updates – originally released on May 8 – in the consortium’s newly established Common Vulnerability Reporting Framework...

Severity Rating: Important Revision Note: V4.3 (March 13, 2012): Added an entry to the update FAQ to announce a detection change for KB2565063 and KB2565057 to correct an installation issue. This is a detection change only. There were no changes to the security update files...

Revision Note: V5.0 (July 6, 2011): Announced the release of an update for Zune HD devices and moved Zune devices to the Non-Affected Devices table. Summary: Microsoft is aware of nine fraudulent digital certificates issued by Comodo, a certification authority present in the Trusted...

How To Respond To A Denial Of Service Attack -- InformationWeekHow To Respond To A Denial Of Service Attack - security Blog

Toshiba website hacked – email addresses and passwords exposed | Naked Security

The warning is part of a new plan being instituted by park officials to avoid a repeat of the Oct. 16 death of Bob H. Boardman of Port Angeles in a goat attack, according to the Link Removed - Invalid URL. Read Full Story: The Blotter | Goat-goring death prompts new measures at Olympic National...

Microsoft’s biggest risk with Windows 8 revolves around the familiar themes that always haunt the company: Reverse compatibility and the need to make Windows the Swiss Army knife of computing. Source: Yahoo! News

I happen to live in something of an earthquake zone and it seems that these things do happen quite randomly, such as when you're sitting at home watching TV. However, some in Italy feel that it's about time seismologists were held responsible for their supposed ability to recognize when a...