Updating all the software solutions that we use daily is one of the main cybersecurity practices, since it allows us to keep our systems always protected by applying the corrections that the manufacturers of these products prepare for the possible exploitation of security flaws. However, it is necessary to stay alert, as threat actors can […]
In an ongoing campaign, the threat actors are distributing Magniber ransomware as an update through modern web browsers. Cybersecurity researchers at ASEC have closely monitored Magniber and reported that to deploy this ransomware the operators behind it are actively exploiting the Internet Explorer (IE) vulnerabilities for the last couple of years. But, now apart from […]
An ongoing ZLoader malware campaign has been uncovered exploiting remote monitoring tools and a nine-year-old flaw concerning Microsoft’s digital signature verification to siphon user credentials and sensitive information. Israeli cybersecurity company Check Point Research, which has been tracking the sophisticated infection chain since November 2021, attributed it to a cybercriminal group dubbed MalSmoke, citing similarities […]
Microsoft is warning of continuing attempts by nation-state adversaries and commodity attackers to take advantage of security vulnerabilities uncovered in the Log4j open-source logging framework to deploy malware on vulnerable systems. “Exploitation attempts and testing have remained high during the last weeks of December,” Microsoft Threat Intelligence Center (MSTIC) said in revised guidance published earlier […]
The patch was issued for CVE-2021-40444 to prevent the execution of code that downloaded the Microsoft Cabinet (CAB) archive containing a malicious executable. Sophos Labs researchers have shared their findings over how attackers used a novel exploit to bypass a patch for a crucial vulnerability impacting the Microsoft Office file format. Researchers revealed that the […]
A few weeks ago Microsoft contacted a small group of Azure customers to inform them that they could be affected by a vulnerability recently discovered and identified as NotLegit, which exposed the source code of Azure web applications at least since September 2017. The flaw, identified by Wiz researchers, was described as insecure default behavior […]
Microsoft said it won’t be fixing or is pushing patches to a later date for three of the four security flaws uncovered in its Teams business communication platform earlier this March. The disclosure comes from Berlin-based cybersecurity firm Positive Security, which found that the implementation of the link preview feature was susceptible to a number […]
In its latest security alert, Microsoft asked its customers to apply available updates to fix two privilege escalation vulnerabilities in Active Directory whose exploitation would allow threat actors to easily take control of Windows domains. The flaws were tracked as CVE-2021-42287 and CVE-2021-42278 and were corrected during November Patch Tuesday. Although the required patches had […]
Malicious actors are deploying a previously undiscovered binary, an Internet Information Services (IIS) webserver module dubbed “Owowa,” on Microsoft Exchange Outlook Web Access servers with the goal of stealing credentials and enabling remote command execution. “Owowa is a C#-developed .NET v4.0 assembly that is intended to be loaded as a module within an IIS web […]
Microsoft has rolled out Patch Tuesday updates to address multiple security vulnerabilities in Windows and other software, including one actively exploited flaw that’s being abused to deliver Emotet, TrickBot, or Bazaloader malware payloads. The latest monthly release for December fixes a total of 67 flaws, bringing the total number of bugs patched by the company […]
Infection chains associated with the multi-purpose Qakbot malware have been broken down into “distinct building blocks,” an effort that Microsoft said will help to proactively detect and block the threat in an effective manner. The Microsoft 365 Defender Threat Intelligence Team dubbed Qakbot a “customizable chameleon that adapts to suit the needs of the multiple […]
Dubbed Nickel by Microsoft; the group of Chinese hackers was actively using the websites for intelligence gathering from thanks tanks, human rights organizations, and government agencies in 29 countries. The Microsoft Digital Crimes Unit disrupted the activities of a hacking group based in China after a federal court allowed the company to seize the websites […]
Microsoft on Monday announced the seizure of 42 domains used by a China-based cyber espionage group that set its sights on organizations in the U.S. and 28 other countries pursuant to a legal warrant issued by a federal court in the U.S. state of Virginia. The Redmond company attributed the malicious activities to a group […]
The noteworthy aspect of this phishing campaign is that the emails were sent as replies to previously sent messages, due to which these appeared legit. According to the IT security researchers at Certitude, a Vienna-based consulting firm specializing in communication technology risks and information management, threat actors are exploiting unpatched Microsoft Exchange Servers to send […]
Microsoft has been developing a project collaboration solution for enterprise projects. The Loop app is now accessible to Microsoft 365 commercial customers. The Loop app is an independent software on the Microsoft Teams chat platform that can be integrated with other apps or used solely. Its goal is to assist businesses in expediting project details, meeting […]
Unofficial patches have been issued to remediate an improperly patched Windows security vulnerability that could allow information disclosure and local privilege escalation (LPE) on vulnerable systems. Tracked as CVE-2021-24084 (CVSS score: 5.5), the flaw concerns an information disclosure vulnerability in the Windows Mobile Device Management component that could enable an attacker to gain unauthorized file […]
The attacks started in July 2021 in which threat actors exploited Microsoft MSHTML vulnerability to target overseas Iranians. SafeBreach Labs researchers discovered a new Iranian threat actor trying to steal Instagram and Google (Gmail) login credentials of Farsi-speakers globally. The threat actor is using a new PowerShell-based stealer dubbed PowerShortShell by SafeBreach Labs. The attacks […]
At the CyberWarCon 2021 conference, the cybersecurity experts of Microsoft Threat Intelligence Center (MSTIC) has presented an analysis of the activities and evolution of several Iranian cybercriminal groups. In this analysis, the Microsoft Threat Intelligence Center (MSTIC) has claimed that the attacks by the Iranian hackers are becoming more sophisticated and evolving rapidly with new […]
Cybersecurity agencies from Australia, the U.K., and the U.S. on Wednesday released a joint advisory warning of active exploitation of Fortinet and Microsoft Exchange ProxyShell vulnerabilities by Iranian state-sponsored actors to gain initial access to vulnerable systems for follow-on activities, including data exfiltration and ransomware. The threat actor is believed to have leveraged multiple Fortinet […]
The Cisco security researchers informed recently that another threat actors organization is targeting the Microsoft Exchange Server vulnerabilities to disseminate the ransomware “Babuk”, and to do so, they have not reinforced the ProxyShell vulnerability. The ProxyShell is a general term for 3 Exchange Server vulnerabilities that have:- CVE-2021-34473 CVE-2021-34523 CVE-2021-31207 However, all these 3 exchange […]
Microsoft on Thursday disclosed an “extensive series of credential phishing campaigns” that takes advantage of a custom phishing kit that stitched together components from at least five different widely circulated ones with the goal of siphoning user login information. The tech giant’s Microsoft 365 Defender Threat Intelligence Team, which detected the first instances of the […]