Search results
Results from the Health.Zone Content Network
Microsoft account logo. A Microsoft account or MSA [1] (previously known as Microsoft Passport, [2].NET Passport, and Windows Live ID) is a single sign-on personal user account for Microsoft customers to log in to consumer [3] [4] Microsoft services (like Outlook.com), devices running on one of Microsoft's current operating systems (e.g. Microsoft Windows computers and tablets, Xbox consoles ...
When automatic PAC provisioning is enabled, EAP-FAST has a vulnerability where an attacker can intercept the PAC and use that to compromise user credentials. This vulnerability is mitigated by manual PAC provisioning or by using server certificates for the PAC provisioning phase. It is worth noting that the PAC file is issued on a per-user basis.
Server-side request forgery; Shatter attack; SIGRed; Sigreturn-oriented programming; SigSpoof; Silver Sparrow (malware) SMBRelay; SMS spoofing; Smudge attack; Stack buffer overflow; Stagefright (bug) Structural vulnerability (computing) Swatting; Symlink race; System Reconfiguration Attacks
PowerShell is a task automation and configuration management program from Microsoft, consisting of a command-line shell and the associated scripting language.Initially a Windows component only, known as Windows PowerShell, it was made open-source and cross-platform on August 18, 2016, with the introduction of PowerShell Core. [4]
In February 2024, a malicious backdoor was introduced to the Linux utility xz within the liblzma library in versions 5.6.0 and 5.6.1 by an account using the name "Jia Tan". [b] [2] The backdoor gives an attacker who possesses a specific Ed448 private key remote code execution capabilities on the affected Linux system.
Wi-Fi Protected Access (WPA), Wi-Fi Protected Access 2 (WPA2), and Wi-Fi Protected Access 3 (WPA3) are the three security certification programs developed after 2000 by the Wi-Fi Alliance to secure wireless computer networks.
A vulnerability in the Xpdf implementation of JBIG2, re-used in Apple's iOS phone operating software, allowed Pegasus to construct an emulated computer architecture inside the JBIG2 stream which was then used to implement the zero-click attack. Apple fixed the vulnerability in iOS 14.8 in September 2021 as CVE-2021-30860. [44]
Best Server-Side Bug: Orange Tsai, for his Microsoft Exchange Server ProxyLogon attack surface discoveries. [11] Best Cryptographic Attack: The NSA for its disclosure of a bug in the verification of signatures in Windows which breaks the certificate trust chain. [12]