CVE-2023-23397

By security practitioners, for security practitioners novacoast federal | Apex Program | novacoast | about innovate

Hand-Picked Top-Read Stories

What Makes a Good Password?

Preview

byInnovate Cybersecurity

October 30, 2025 16:15 GMT

11 minute read

Weekly Top 10: 10.27.2025: Medusa Ransomware Leaks Claimed 834 GB After $1.2m Demand; Toolshell’ Exploitation Campaign Hits Multiple Sectors; E-Business Suite SSRF Zero-Day Actively Exploited, and More.

byInnovate Cybersecurity

October 27, 2025 16:00 GMT

4 minute read

Tamika Bass On Being Intentional: Acknowledging Mental Health In Cybersecurity

Preview

byInnovate Cybersecurity

October 22, 2025 17:50 GMT

7 minute read

Trending Tags

By security practitioners, for security practitioners

March 2023 Patch Tuesday Closes Two Zero-Days Actively Exploited By State-Sponsored Actors

Microsoft's Patch Tuesday for March 2023 fixes more than 80 vulnerabilities, 9 of which are rated critical severity, and 2 zero-days—an Outlook Elevation of Privilege Vulnerability (CVE-2023-23397) and a Windows SmartScreen Security Feature Bypass Vulnerability (CVE-2023-24880). Administrators are encouraged to apply updates ASAP. If this is not possible, there are some mitigating actions to be taken.

March 15, 2023 18:37 GMT

Hand-Picked Top-Read Stories

What Makes a Good Password?

Weekly Top 10: 10.27.2025: Medusa Ransomware Leaks Claimed 834 GB After $1.2m Demand; Toolshell’ Exploitation Campaign Hits Multiple Sectors; E-Business Suite SSRF Zero-Day Actively Exploited, and More.

Tamika Bass On Being Intentional: Acknowledging Mental Health In Cybersecurity

Trending Tags

CVE-2023-23397

March 2023 Patch Tuesday Closes Two Zero-Days Actively Exploited By State-Sponsored Actors

2025

Threat Advisories

Weekly Top 10: 10.27.2025: Medusa Ransomware Leaks Claimed 834 GB After $1.2m Demand; Toolshell’ Exploitation Campaign Hits Multiple Sectors; E-Business Suite SSRF Zero-Day Actively Exploited, and More.

Weekly Top 10: 10.20.2025: Microsoft Revokes 200+ Certs Used in Fake Teams Installers; Chinese Apt ‘Jewelbug’ Hit Russian It Services Firm; CISA ICS Advisory: Hitachi Energy MACH GWS, and More.

Weekly Top 10: 10.13.2025: Ransomware Arrests Tied to Kido Education Attack; Discord Confirms 70,000 Users’ ID Photos Exposed; Azure Outage Tied to Kubernetes Crash at Microsoft Front Door, and More.

Weekly Top 10: 10.06.2025: Hackers Launch Extortion Campaign Targeting Oracle E-Business Suite Customers; GreyNoise Detects 500% Surge in Scans Targeting Palo Alto Networks Portals; Ransomware Gang Sought BBC Reporter’s Help, and More.

Weekly Top 10: 09.29.2025: Emergency Directive on Cisco ASA/FTD Zero-Days; Cloudflare Mitigates 22.2 Tbps DDoS; Workforce PII Stolen in Supplier Ransomware Breach, and More.

Education

Protecting Microsoft Teams From Data Exfiltration – A Tactical DLP Rule

Anatomy of a Data Breach

OpenAI Cybersecurity Research

Breach Report: Healthcare

Analysis of GalComm Chrome Extension Malware