Microsoft on Thursday disclosed an “extensive series of credential phishing campaigns” that takes advantage of a custom phishing kit that stitched together components from at least five different widely circulated ones with the goal of siphoning user login information. The tech giant’s Microsoft 365 Defender Threat Intelligence Team, which detected the first instances of the […]
A newly identified rootkit has been found with a valid digital signature issued by Microsoft that’s used to proxy traffic to internet addresses of interest to the attackers for over a year targeting online gamers in China. Bucharest-headquartered cybersecurity technology company Bitdefender named the malware “FiveSys,” calling out its possible credential theft and in-game-purchase hijacking […]
Microsoft has confirmed to mitigate a massive DDoS attack originated from a botnet comprising 70,000 compromised IoT devices. Microsoft reported that an unnamed customer of its Azure cloud platform was targeted with a 2.4 Tbps DDoS attack in the last week of August, which the company mitigated. This DDoS attack was around 140% higher than […]
An emerging threat actor likely supporting Iranian national interests has been behind a password spraying campaign targeting US, EU, and Israeli defense technology companies, with additional activity observed against regional ports of entry in the Persian Gulf as well as maritime and cargo transportation companies focused in the Middle East. Microsoft is tracking the hacking […]
Google holds the top slot with over 547 vulnerabilities, Microsoft is on number two with 432 unwanted exposure instances and Oracle is on number three with 316 vulnerabilities in H1 2021. The latest AtlasVPN report analyzes mobile security and common vulnerabilities in the current cybersecurity landscape. The report revealed that in early 2021, Google, Microsoft, and Oracle […]
Microsoft has warned of a new FoggyWeb backdoor being used by Nobelium, the same state-sponsored hacking group believed to be responsible for SolarWinds supply-chain attacks. According to Microsoft, the notorious attacker group Nobelium is using a never-before-seen post-exploitation backdoor that can steal sensitive data from a compromised AD FS (Active Directory Federation Services) server. What […]
Microsoft on Monday revealed new malware deployed by the hacking group behind the SolarWinds supply chain attack last December to deliver additional payloads and steal sensitive information from Active Directory Federation Services (AD FS) servers. The tech giant’s Threat Intelligence Center (MSTIC) codenamed the “passive and highly targeted backdoor” FoggyWeb, making it the threat actor […]
Cybersecurity specialists report the detection of a design error in an important function of the Microsoft Exchange email server that could be abused by threat actors in order to collect Windows domains and application credentials from millions of users. Amit Serper, the specialist in charge of the finding, mentions that the error lies in the […]
An unpatched design flaw in the implementation of Microsoft Exchange’s Autodiscover protocol has resulted in the leak of approximately 100,000 login names and passwords for Windows domains worldwide. “This is a severe security issue, since if an attacker can control such domains or has the ability to ‘sniff’ traffic in the same network, they can […]
Security researchers have disclosed an unpatched weakness in Microsoft Windows Platform Binary Table (WPBT) affecting all Windows-based devices since Windows 8 that could be potentially exploited to install a rootkit and compromise the integrity of devices. “These flaws make every Windows system vulnerable to easily-crafted attacks that install fraudulent vendor-specific tables,” researchers from Eclypsium said […]
Stories of ransomware assaults are common in many headlines worldwide. The attacks target both large and small businesses alike. Research suggests that over half of organizations find it difficult to detect if they have enough cybersecurity to prevent them from ransomware attacks. Some of these organizations do not have the tools needed to protect their […]
Microsoft on Tuesday addressed a quartet of security flaws as part of its Patch Tuesday updates that could be abused by adversaries to target Azure cloud customers and elevate privileges as well as allow for remote takeover of vulnerable systems. The list of flaws, collectively called OMIGOD by researchers from Wiz, affect a little-known software […]
A day after Apple and Google rolled out urgent security updates, Microsoft has pushed software fixes as part of its monthly Patch Tuesday release cycle to plug 66 security holes affecting Windows and other components such as Azure, Office, BitLocker, and Visual Studio, including an actively exploited zero-day in its MSHTML Platform that came to […]
Currently, there is no evidence that this particular Azure vulnerability was exploited to gain unauthorized access to customer data. In its newest blog post, Microsoft’s Security Response Center (MSRC) has warned Azure cloud computing users about a flaw in the system that allows hackers to access their data. RECENT: Hackers accessed primary keys of Azure’s Cosmos […]
So far, the ongoing phishing attack has utilized more than 350 unique domains to target Microsoft Office 365 users. Microsoft has warned about a new widespread phishing campaign in which scammers are abusing open redirect links to divert users to malicious websites and steal MS Office 365 credentials. In a detailed report, the IT security researchers […]
According to researchers, the incident involved 47 government and private entities across the United States. The IT security researchers at UpGuard published a research report disclosing that organizations using Microsoft Power Apps were susceptible to a default misconfiguration, which made their data sets findable by anyone knowing the web address and search engines. UpGuard researchers […]
Microsoft is urging customers to “install these updates immediately.” Last week, the IT security researchers at Sangfor revealed a critical 0-day vulnerability affecting the Windows Print Spooler service that helps PCs manage the flow of print jobs being sent to a printer or print server. Dubbed PrintNightmare (CVE-2021-1675) by researchers; Microsoft acknowledged the vulnerability however […]
Researchers have identified 140+ webshells launched against 1,900 unpatched Microsoft Exchange servers. The Cybersecurity & Infrastructure Security Agency (CISA) issued an urgent security alert about a sudden and unexpected rise in ProxyShell attacks. The agency has joined hands with the cybersecurity community to spread awareness among organizations to immediately install the latest security update in […]
Microsoft acknowledged the incident and currently investigating the issue but at the same time downplaying its impact. In recent news, it has been found that Microsoft signed off a third-party driver, Netfilter, for Windows that contains rootkit malware and has been circulating mainly amongst the gaming community. This was first found out by Karsten Hahn, […]
Experts reveal that the PetitPotam attack forces remote Windows servers such as Domain Controllers to validate a malicious destination. Microsoft has released an advisory on the newly identified Windows security flaw that allows attackers to take complete control of a Windows domain. Experts revealed that the vulnerability, dubbed PetitPotam, forces remote Windows servers such as […]
Microsoft on Wednesday said it remediated a vulnerability in its Azure Container Instances (ACI) services that could have been weaponized by a malicious actor “to access other customers’ information” in what the researchers described as the “first cross-account container takeover in the public cloud.” An attacker exploiting the weakness could execute malicious commands on other […]