Cve-2023-23397 - Quickly Check Vulnerability Status and Trigger Updates

Yesterday Microsoft announced a new critical vulnerability CVE-2023-23397, a vulnerability in Microsoft Outlook that allows a threat actor to harvest NTLMv2 hashes via a specifically crafted Outlook appointment. Microsoft state that attackers can exploit this vulnerability by sending an email that triggers automatically when it is retrieved and processed by the Outlook client. This can lead to exploitation BEFORE the email is viewed in the Preview Pane. They also state that this vulnerability is being actively exploited in the wild....

<span title='2023-03-15 14:45:08 +0000 UTC'>15 March 2023</span>&nbsp;·&nbsp;2 min&nbsp;·&nbsp;245 words&nbsp;·&nbsp;Aiden Arnkels-Webb
Picture of Microsoft Authenticator

What's the difference between Authentication, Authorisation and Accounting? (AAA)

Authentication Authentication is saying “I am me”. It validates who you are. When you go to a club and the bouncer stops you and you tell him you’re on the guest list, you then show him your ID and he says “Ahh! You’re that guy, come on in” - that’s Authentication Authorisation Authorisation validates what you claim to be. Going back to the club and the bouncer stops you. You show him your ID....

<span title='2022-07-27 12:36:29 +0100 +0100'>27 July 2022</span>&nbsp;·&nbsp;2 min&nbsp;·&nbsp;218 words&nbsp;·&nbsp;Aiden Arnkels-Webb