All posts tagged "Microsoft"
-
1.4KVulnerabilitiesHackers Attempt to Exploit New SolarWinds Serv-U Bug in Log4Shell Attacks
Microsoft on Wednesday disclosed details of a new security vulnerability in SolarWinds Serv-U software that it said was being weaponized by threat...
-
1.8KGeek9-year-old Windows flaw abused to drop ZLoader malware in 111 countries
The vulnerability was identified and fixed in 2013 but in 2014 Microsoft revised the fix allowing Malsmoke hackers in 2022 to spread...
-
3.8KCyber AttackMicrosoft Warns of Continued Attacks Exploiting Apache Log4j Vulnerabilities
Microsoft is warning of continuing attempts by nation-state adversaries and commodity attackers to take advantage of security vulnerabilities uncovered in the Log4j...
-
2.7KData SecurityAttackers bypass Microsoft security patch to drop Formbook malware
The patch was issued for CVE-2021-40444 to prevent the execution of code that downloaded the Microsoft Cabinet (CAB) archive containing a malicious...
-
3.3KCyber AttackHackers Using Malicious IIS Server Module to Steal Microsoft Exchange Credentials
Malicious actors are deploying a previously undiscovered binary, an Internet Information Services (IIS) webserver module dubbed “Owowa,” on Microsoft Exchange Outlook Web...
-
4.8KMalwareMicrosoft Issues Windows Update to Patch 0-Day Used to Spread Emotet Malware
Microsoft has rolled out Patch Tuesday updates to address multiple security vulnerabilities in Windows and other software, including one actively exploited flaw...
-
515MalwareMicrosoft Details Building Blocks of Widely Active Qakbot Banking Trojan
Infection chains associated with the multi-purpose Qakbot malware have been broken down into “distinct building blocks,” an effort that Microsoft said will...
-
3.1KData SecurityFake KPSPico Windows activator tool KPSPico steals crypto wallet data
The malware is dubbed CrypBot is essentially an information stealer that can obtain credentials for cryptocurrency wallets, browsers, credit cards, browser cookies,...
-
2.9KData SecurityMicrosoft disrupts activity of Chinese hackers by seizing 42 websites
Dubbed Nickel by Microsoft; the group of Chinese hackers was actively using the websites for intelligence gathering from thanks tanks, human rights...
-
4.8KMalwareSolarWinds Hackers Targeting Government and Business Entities Worldwide
Nobelium, the threat actor attributed to the massive SolarWinds supply chain compromise, has been once again linked to a series of attacks...
-
1.5KCyber AttackMicrosoft Seizes 42 Malicious Web Domains Used By Chinese Hackers
Microsoft on Monday announced the seizure of 42 domains used by a China-based cyber espionage group that set its sights on organizations...
-
2.4KGeekAttackers exploiting Windows Installer vulnerability despite patching
According to Cisco Talos, abusing the flaw would allow an attacker with limited access to get higher privileges and become an administrator....
-
1.1KGeekUnpatched Microsoft Exchange Servers abused in new phishing campaign
The noteworthy aspect of this phishing campaign is that the emails were sent as replies to previously sent messages, due to which...
-
3.7KVulnerabilitiesUnpatched Unauthorized File Read Vulnerability Affects Microsoft Windows OS
Unofficial patches have been issued to remediate an improperly patched Windows security vulnerability that could allow information disclosure and local privilege escalation...
-
1.1KData SecurityProxyShell vulnerabilities exploited in domain-wide ransomware attacks
The ProxyShell vulnerabilities have prompted threat actors to launch domain-wide ransomware attacks against their targets, revealed a new research report from The...
-
4.4KData SecuritymacOS flaw allowed attackers to install persistent, undetectable malware
Microsoft recently discovered a critical security vulnerability in macOS, which as per Microsoft 365 Defender Research team’s researcher Jonathan Bar-Or, could have...
-
2.7KCyber CrimeNew malware lures fake Chrome update to attack Windows PCs
The prime target of this malware campaign is unsuspecting users on Windows 10. Rapid7 Managed Detection and Response team has shared details...
-
909MalwareNew ‘Shrootless’ Bug Could Let Attackers Install Rootkit on macOS Systems
Microsoft on Thursday disclosed details of a new vulnerability that could allow an attacker to bypass security restrictions in macOS and take...
-
4.2KMalwareMicrosoft Warns of TodayZoo Phishing Kit Used in Extensive Credential Stealing Attacks
Microsoft on Thursday disclosed an “extensive series of credential phishing campaigns” that takes advantage of a custom phishing kit that stitched together...
-
3.6KMalwareResearchers Discover Microsoft-Signed FiveSys Rootkit in the Wild
A newly identified rootkit has been found with a valid digital signature issued by Microsoft that’s used to proxy traffic to internet...
-
2.1KCyber AttackMicrosoft Warns of Iran-Linked Hackers Targeting US and Israeli Defense Firms
An emerging threat actor likely supporting Iranian national interests has been behind a password spraying campaign targeting US, EU, and Israeli defense...
