Data Privacy & Cybersecurity PracticeOn May 30, 2022, Microsoft issued an alert regarding a vulnerability in its Microsoft Support Diagnostic Tool that can be exploited using Microsoft Office documents and results in the unauthorized installation of programs or access to data.The vulnerability evades common protections associated with Microsoft Office documents, requires minimal user interaction, and can be used by a remote attacker to execute arbitrary code, escalate privileges to fully take over a machine, or deploy additional malware.
Read more »Tag: microsoft
-
The “Follina” Vulnerability: Microsoft Support Diagnostic Tool Alert for Zero Day Exploit CVE-2022-30190 Posted on: June 27, 2022 In: Data Privacy & Cybersecurity
-
ALERT: Zero-Day Vulnerabilities Being Exploited to Attack On-Premises Microsoft Exchange Servers Posted on: March 04, 2021 In: Data Privacy & Cybersecurity
On March 2, 2021, Microsoft released a new patch to address four zero-day exploits being used to attack on-premises Microsoft Exchange Servers. The United States Department of Homeland Security’s Cybersecurity and Infrastructure Agency (CISA) has urged vulnerable businesses to read Microsoft’s update and apply patches to their systems as necessary.
Read more »
Blog Search
Featured Posts
- May 10, 2022 NCAA Takes Action to Address “Collectives” and “Booster” Involvement in NIL Activity
- May 09, 2022 Can Your Coffee Maker Be Hacked? Cybersecurity Issues and the Growing Internet of Things
- April 15, 2022 Federal Law Ends Mandatory Arbitration of Sexual Harassment and Sexual Assault Claims
Blog Tags
alabama
arkansas
audit
bank secrecy act
blockchain
breach notification
california
canada
ccpa
cisa
client notification
colorado
congress
connecticut
consumer data
consumer notification
consumer rights
coronavirus
covid-19
cpa
cpra
cryptocurrency
cyberattack
cyber insurance
cybersecurity
cyber threat
data breach
data privacy
data protection
data security
delaware
email
employment
equifax
eu
eu-u.s. privacy shield
european union
executive order
fbi
fcra
federal trade commission
fincen
fraud
ftc
gdpr
hacking
healthcare
hhsocr
hipaa
holiday season
human resources
identity theft
illinois
incident response
information security
irs
legislative alert
malware
managed service providers
maryland
massachusetts
microsoft
microsoft office 365
multi-factor authentication
multi-factor identification
new jersey
new mexico
new york
ninth circuit
nist
nist security controls
ofac
office for civil rights
opt out
personal data
personal information
phishing
privacy law
privacy protection patchwork
protected health information
ransomware
regulations
reporting requirements
russia ukraine conflict
sec
social media
statute
strengthening american cybersecurity act
supreme court
tax returns
treasury department
utah
video-teleconferencing
virginia
w2
washington
websites
wire transfers
workplace policy
zoom