Best open source tool for cyber incident detection in Microsoft Azure, Azure Active Directory, and Microsoft 365

The Goose Tool is a new free tool that may assist network defenders in identifying possibly malicious activities in Microsoft Azure, Azure Active Directory, and Microsoft 365 environments. It was developed by CISA and is available on their website. The Unidentified Goose Tool, which was developed with assistance from Sandia National Laboratories, provides network defenders […]

New Microsoft Azure Vulnerability Uncovered — EmojiDeploy for RCE Attacks

A newly discovered critical remote code execution (RCE) flaw impacting multiple services related to Microsoft Azure could be exploited by a malicious actor to completely take control of a targeted application. “The vulnerability is achieved through CSRF (cross-site request forgery) on the ubiquitous SCM service Kudu,” Ermetic researcher Liv Matan said in a report shared […]

Microsoft Reveals Tactics Used by 4 Ransomware Families Targeting macOS

Microsoft has shed light on four different ransomware families – KeRanger, FileCoder, MacRansom, and EvilQuest – that are known to impact Apple macOS systems. “While these malware families are old, they exemplify the range of capabilities and malicious behavior possible on the platform,” the tech giant’s Security Threat Intelligence team said in a Thursday report. […]

New Microsoft Exchange exploit allows ransomware infection via ProxyNotShell vulnerability

Recent cyberattacks utilizing the Play ransomware were spotted targeting Exchange servers. These attacks used a novel exploit chain that circumvented the protections Microsoft provided against ProxyNotShell. When the researchers were looking into Play ransomware infections, they found that the most prevalent entry vector was Microsoft Exchange, and they discovered that the vulnerability CVE-2022-41082 was being […]

Microsoft Reclassifies SPNEGO Extended Negotiation Security Vulnerability as ‘Critical’

Microsoft has revised the severity of a security vulnerability it originally patched in September 2022, upgrading it to “Critical” after it emerged that it could be exploited to achieve remote code execution. Tracked as CVE-2022-37958 (CVSS score: 8.1), the flaw was previously described as an information disclosure vulnerability in SPNEGO Extended Negotiation (NEGOEX) Security Mechanism. […]

Ransomware Attackers Use Microsoft-Signed Drivers to Gain Access to Systems

Microsoft on Tuesday disclosed it took steps to implement blocking protections and suspend accounts that were used to publish malicious drivers that were certified by its Windows Hardware Developer Program. The tech giant said its investigation revealed the activity was restricted to a number of developer program accounts and that no further compromise was detected. […]

Rackspace hacked by ransomware gang via Microsoft Exchange vulnerability

Rackspace, a provider of cloud computing services, has admitted that it was the victim of a ransomware incident, which resulted in the business being forced to shut down its Hosted Exchange environment. Since Friday, December 2, the hosted Microsoft Exchange service provided by Rackspace has been experiencing a variety of issues. The affected environment was […]

Microsoft Warns of Hackers Using Google Ads to Distribute Royal Ransomware

A developing threat activity cluster has been found using Google Ads in one of its campaigns to distribute various post-compromise payloads, including the recently discovered Royal ransomware. Microsoft, which spotted the updated malware delivery method in late October 2022, is tracking the group under the name DEV-0569. “Observed DEV-0569 attacks show a pattern of continuous […]

Microsoft Blames Russian Hackers for Prestige Ransomware Attacks on Ukraine and Poland

Microsoft on Thursday attributed the recent spate of ransomware incidents targeting transportation and logistics sectors in Ukraine and Poland to a threat cluster that shares overlaps with the Russian state-sponsored Sandworm group. The attacks, which were disclosed by the tech giant last month, involved a strain of previously undocumented malware called Prestige and is said […]

Don’t open emails from Microsoft Dynamics 365. Threat actors are exploiting its flaws to send phishing emails with legitimate Microsoft links

Microsoft’s Dynamics 365 Customer Voice is software that is primarily used to collect customer feedback. It may be utilized to turn gathered data into actionable insights, track consumer feedback, and conduct polls of client satisfaction. To communicate with victims, hackers are exploiting the Static Expressway. In a nutshell, it’s a method for evading security scanners that […]

Microsoft Warns of Uptick in Hackers Leveraging Publicly-Disclosed 0-Day Vulnerabilities

Microsoft is warning of an uptick among nation-state and criminal actors increasingly leveraging publicly-disclosed zero-day vulnerabilities for breaching target environments. The tech giant, in its 114-page Digital Defense Report, said it has “observed a reduction in the time between the announcement of a vulnerability and the commoditization of that vulnerability,” making it imperative that organizations […]

Microsoft leaked confidential data of 150,000 businesses across 123 nations

Microsoft has been informed about the incorrectly configured Microsoft endpoint by security experts at SOCRadar. This results in unauthorized access to some business transaction data pertaining to exchanges between Microsoft and potential clients, such as the preparation for and future deployment of Microsoft services. Papers that may include intellectual property are also included in the […]

Microsoft Data Leak – 2.4TB of 65,000+ Companies Data Leaked Online

Recently, Microsoft confirmed that, due to a misconfiguration of a Microsoft server, sensitive information about some of Microsoft’s customers was exposed over the internet. A total of over 65,000 leaked entities were detected by SOCRadar in this leak, which has now become public. Security researchers from SOCRadar, a company that specializes in threat intelligence, […]

Microsoft Confirms Server Misconfiguration Led to 65,000+ Companies’ Data Leak

Microsoft this week confirmed that it inadvertently exposed information related to thousands of customers following a security lapse that left an endpoint publicly accessible over the internet sans any authentication. “This misconfiguration resulted in the potential for unauthenticated access to some business transaction data corresponding to interactions between Microsoft and prospective customers, such as the […]

Researchers Say Microsoft Office 365 Uses Broken Email Encryption to Secure Messages

New research has disclosed what’s being called a security vulnerability in Microsoft 365 that could be exploited to infer message contents due to the use of a broken cryptographic algorithm. “The [Office 365 Message Encryption] messages are encrypted in insecure Electronic Codebook (ECB) mode of operation,” Finnish cybersecurity company WithSecure said in a report published […]

New third zero-day vulnerability discovered in Microsoft Exchange. No patch available

Last week, two zero-day flaws, CVE-2022-41040 and CVE-2022-41082, impacting Microsoft Exchange Server were revealed by the Vietnamese security firm GTSC. Microsoft later confirmed that the zero-day flaws affecting Microsoft Exchange Server 2013, 2016, and 2019 are being used in the wild. Two of the impacted Exchange servers were examined by AhnLab, a Korean cyber […]

Hackers Target Job Seekers Using Malicious Microsoft Word Document

Researchers at Cisco Talos revealed a malicious campaign that deploys Cobalt Strike beacons on compromised hosts. The attack involves a multistage and modular infection chain with fileless, malicious scripts. The attack uses an email with a malicious Microsoft Word document attachment that exploits the vulnerability tracked as CVE-2017-0199, a remote code execution issue in Microsoft […]