Microsoft Office

Sneaky Log Phishing Scheme Targets Two-Factor Security

Posted on January 22, 2025January 22, 2025 by Admin

Security researchers at French firm Sekoia detected a new phishing-as-a-service kit targeting Microsoft 365 accounts in December 2024, the company announced on Jan. 16. The kit, called Sneaky 2FA, was distributed through Telegram by the threat actor service Sneaky Log. It is associated with about 100 domains and has been active since at least October 2024. Sneaky 2FA is an adversary-in-the-middle attack, meaning it intercepts information sent between two devices: in this case, a device…

Microsoft Is Disabling Default ActiveX Controls in Office 2024

Posted on September 10, 2024September 11, 2024 by Admin

Microsoft will disable ActiveX controls by default in the Office suite, starting in October with the release of Office 2024. Phasing out the software framework is likely related to numerous security vulnerabilities that have been exploited in the past. Dating back to 1996, ActiveX has long been used for embedding interactive objects, such as buttons or forms, within Office documents. It was formerly used to load multimedia content, like videos, in Internet Explorer. However, it…

Microsoft Patched 6 Actively Exploited Zero-Day Flaws

Posted on August 14, 2024August 14, 2024 by Admin

Patch Tuesday, Microsoft’s monthly report of security updates, brought 90 CVEs, including some vulnerabilities that were being actively exploited. Some vulnerabilities originated in Chromium, meaning both Microsoft Edge and Google Chrome may have been affected. Here are the most critical flaws and patches disclosed by Microsoft on Aug. 13. Six zero-day flaws had been exploited Threat actors had already taken advantage of six zero-day exploits in particular: CVE-2024-38106: an elevation of privilege vulnerability in the…

Apple Operating Systems are Being Targeted by Threat Actors, Report Finds

Posted on June 18, 2024June 19, 2024 by Admin

The number of macOS vulnerabilities exploited in 2023 increased by more than 30%, according to a new report. The Software Vulnerability Ratings Report 2024 from patch management software company Action1 also found that Microsoft Office programs are becoming more exploitable, while attackers are targeting load balancers like NGINX and Citrix at a record rate. Action1 analysts used data from the National Vulnerability Database and CVEdetails.com to draw five insights into how the threat landscape changed…

BeyondTrust Report: Microsoft Security Vulnerabilities Decreased by 5% in 2023

Posted on April 26, 2024April 26, 2024 by Admin

The number of Microsoft vulnerabilities has mostly flattened in 2023, with elevation of privilege and identity attacks being particularly common, according to BeyondTrust’s annual Microsoft Vulnerabilities report. Identity and access management solutions company BeyondTrust studied the most significant CVEs of 2023 and Microsoft vulnerability data from Microsoft’s monthly Patch Tuesday bulletins. The report includes vulnerability trends and tips about how to reduce identity attacks. Microsoft reported 1,228 vulnerabilities in 2023 The total number of Microsoft…

Microsoft Office

Microsoft Is Disabling Default ActiveX Controls in Office 2024

Microsoft Patched 6 Actively Exploited Zero-Day Flaws

Apple Operating Systems are Being Targeted by Threat Actors, Report Finds

BeyondTrust Report: Microsoft Security Vulnerabilities Decreased by 5% in 2023

VMWARE

Helping Public Sector Organisations Define Cloud Strategy

How to change the VLAN ID of the Service Console in ESX from the command line/console

Cisco UCS and Vmware Interfaces (Vnics) HA Design Considerations

Troubleshooting network and TCP/UDP port connectivity issues on ESX/ESXi(2020669)

vSphere Client Parameters

Configuration Templates

CUE Licenses

Trouble shooting Unity Express with Call Manager Integeration & Operational Issues

CME Configuration Example: SIP Trunks to Viatalk and VoIP.ms

SIP Phone registration – CME Configuration

CUE Voicemail + VPIM networking (CUE to unity)