All posts tagged "Microsoft"
-
4.3KVulnerabilitiesMicrosoft Rolls Out Patches for 80 New Security Flaws — Two Under Active Attack
Microsoft’s Patch Tuesday update for March 2023 is rolling out with remediations for a set of 80 security flaws, two of which...
-
4.3KCyber AttackNew Report Reveals NikoWiper Malware That Targeted Ukraine Energy Sector
The Russia-affiliated Sandworm used yet another wiper malware strain dubbed NikoWiper as part of an attack that took place in October 2022...
-
3.1KMalwareMicrosoft Issues January 2023 Patch Tuesday Updates, Warns of Zero-Day Exploit
The first Patch Tuesday fixes shipped by Microsoft for 2023 have addressed a total of 98 security flaws, including one bug that...
-
1.4KMalwareMicrosoft Reveals Tactics Used by 4 Ransomware Families Targeting macOS
Microsoft has shed light on four different ransomware families – KeRanger, FileCoder, MacRansom, and EvilQuest – that are known to impact Apple...
-
1.7KMalwareAPT Hackers Turn to Malicious Excel Add-ins as Initial Intrusion Vector
Microsoft’s decision to block Visual Basic for Applications (VBA) macros by default for Office files downloaded from the internet has led many...
-
2.2KVulnerabilitiesMicrosoft Reclassifies SPNEGO Extended Negotiation Security Vulnerability as ‘Critical’
Microsoft has revised the severity of a security vulnerability it originally patched in September 2022, upgrading it to “Critical” after it emerged...
-
4.1KMalwareRansomware Attackers Use Microsoft-Signed Drivers to Gain Access to Systems
Microsoft on Tuesday disclosed it took steps to implement blocking protections and suspend accounts that were used to publish malicious drivers that...
-
837MalwareMicrosoft Warns of Hackers Using Google Ads to Distribute Royal Ransomware
A developing threat activity cluster has been found using Google Ads in one of its campaigns to distribute various post-compromise payloads, including...
-
1.9KMalwareMicrosoft Blames Russian Hackers for Prestige Ransomware Attacks on Ukraine and Poland
Microsoft on Thursday attributed the recent spate of ransomware incidents targeting transportation and logistics sectors in Ukraine and Poland to a threat...
-
1.4KVulnerabilitiesMicrosoft Warns of Uptick in Hackers Leveraging Publicly-Disclosed 0-Day Vulnerabilities
Microsoft is warning of an uptick among nation-state and criminal actors increasingly leveraging publicly-disclosed zero-day vulnerabilities for breaching target environments. The tech...
-
2.3KData BreachMicrosoft Confirms Server Misconfiguration Led to 65,000+ Companies’ Data Leak
Microsoft this week confirmed that it inadvertently exposed information related to thousands of customers following a security lapse that left an endpoint...
-
3.0KMalwareNew Prestige Ransomware Targeting Polish and Ukrainian Organizations
A new ransomware campaign targeted the transportation and logistics sectors in Ukraine and Poland on October 11 with a previously unknown payload...
-
4.8KVulnerabilitiesState-Sponsored Hackers Likely Exploited MS Exchange 0-Days Against ~10 Organizations
Microsoft on Friday disclosed that a single activity group in August 2022 achieved initial access and breached Exchange servers by chaining the...
-
Vulnerabilities
Microsoft Confirms 2 New Exchange Zero-Day Flaws Being Used in the Wild
Microsoft officially disclosed it investigating two zero-day security vulnerabilities impacting Exchange Server 2013, 2016, and 2019 following reports of in-the-wild exploitation. “The...
-
3.1KVulnerabilitiesWARNING: New Unpatched Microsoft Exchange Zero-Day Under Active Exploitation
Security researchers are warning of previously undisclosed flaws in fully patched Microsoft Exchange servers being exploited by malicious actors in real-world attacks...
-
4.8KMalwareBlackCat Ransomware Attackers Spotted Fine-Tuning Their Malware Arsenal
The BlackCat ransomware crew has been spotted fine-tuning their malware arsenal to fly under the radar and expand their reach. “Among some...
-
858MalwareMicrosoft Warns of Large-Scale Click Fraud Campaign Targeting Gamers
Microsoft said it’s tracking an ongoing large-scale click fraud campaign targeting gamers by means of stealthily deployed browser extensions on compromised systems....
-
472MalwareMicrosoft Warns of Ransomware Attacks by Iranian Phosphorus Hacker Group
Microsoft’s threat intelligence division on Wednesday assessed that a subgroup of the Iranian threat actor tracked as Phosphorus is conducting ransomware attacks...
-
1.2KMalwareNew Evidence Links Raspberry Robin Malware to Dridex and Russian Evil Corp Hackers
Researchers have identified functional similarities between a malicious component used in the Raspberry Robin infection chain and a Dridex malware loader, further...
-
918VulnerabilitiesMicrosoft Discover Severe ‘One-Click’ Exploit for TikTok Android App
Microsoft on Wednesday disclosed details of a now-patched “high severity vulnerability” in the TikTok app for Android that could let attackers take...
-
3.9KVulnerabilitiesIranian Hackers Exploiting Unpatched Log4j 2 Bugs to Target Israeli Organizations
Iranian state-sponsored actors are leaving no stone unturned to exploit unpatched systems running Log4j to target Israeli entities, indicating the vulnerability’s long...
