Microsoft Remote Desktop Protocol (RDP) Vulnerability Discovered

Microsoft Remote Desktop Protocol (RDP) is one of the most popular solutions used to access critical infrastructure servers for many organizations, including those who run virtual servers on Microsoft Azure. A group of hackers, called the Secret Club, inadvertently found a major flaw in Microsoft Remote Desktop Protocol (RDP) technology. A researcher found a cleartext […]

NSA Discovers New Critical Exchange Server Vulnerabilities

Microsoft released three new patches for its Exchange Server software on Tuesday after the National Security Agency (NSA) alerted the company to a fresh batch of critical vulnerabilities. All discovered flaws, four in total, lead to remote code execution on a vulnerable machine. “We urge all owners and operators of Microsoft Exchange Servers to apply […]

Disgruntled IT Contractor in Jail | Protect Against Insider Threats

Large-scale internal security breaches are becoming increasingly more popular, costing companies millions of dollars each year. The sum of this loss comes from the financial damages of the breach itself and, in some cases more importantly, damage to the company’s reputation, translating to big dollars off the company’s bottom line. A recent judgement serves as […]

Midnight tonight deadline to patch Windows Servers

  The U.S. Department of Homeland Security, Cybersecurity and Infrastructure Security Agency (CISA) doesn’t issue emergency directives unless there’s a serious cause for concern.   There is a vulnerability that could enable an attacker with network access to gain admin status by sending a string of zeros using the Windows Netlogon protocol. A vulnerability that, CISA said, […]

More than 900 VPN Passwords Leaked by Hacker

  A list of plaintext usernames and passwords, along with IP addresses for more than 900 Pulse Secure VPN enterprise servers, has been published on a Russian-speaking hacker forum frequented by multiple ransomware gangs.  According to a threat intelligence analyst, the list includes:  IP addresses of Pulse Secure VPN servers  Pulse Secure VPN server firmware […]

Class-action lawsuit has accused Microsoft of sharing customer data

A lawsuit has been filed with Microsoft for allegedly sharing the content of business customers’ emails, documents, contacts, calendars, location data, audio files, and video files, among other forms of data, without consent.  According to the lawsuit, Microsoft is routinely sharing business customers’ data, including personal and corporate information, with Facebook and other third parties despite publicly claiming it doesn’t.  […]

Exchange Online Down in Europe – EX216336

Reports are showing up online that users may be unable to connect to the Exchange Online service. Several users here at Cayosoft report not being able to connect to the full-Outlook client to Exchange Online, however the web based version of Outlook appears to be working. Current status as of 11:55 AM 6/15/2020: We’re investigating […]

Microsoft’s February Security Patches Deliver 12 “Critical” Fixes Among Others

Microsoft has released a hundred patches to Windows and other Microsoft software, including 12 vulnerabilities flagged as Critical, and 87 flagged as Important. Products such as Microsoft’s browsers, Windows, Office, Exchange Server and even the Windows Malicious Software Removal Tool received updates (see Release Notes).  Most of the critical bugs are remote code execution and memory corruption bugs […]

New Survey Finds...

Active Directory forest recovery not taken serious enough. See what else your peers had to say.