All posts tagged "Microsoft"
-
2.4KVulnerabilitiesResearchers Uncover UEFI Secure Boot Bypass in 3 Microsoft Signed Boot Loaders
A security feature bypass vulnerability has been uncovered in three signed third-party Unified Extensible Firmware Interface (UEFI) boot loaders that allow bypass...
-
4.8KVulnerabilitiesMicrosoft Issues Patches for 121 Flaws, Including Zero-Day Under Active Attack
As many as 121 new security flaws were patched by Microsoft as part of its Patch Tuesday updates for the month of...
-
4.3KMalwareNew Woody RAT Malware Being Used to Target Russian Organizations
An unknown threat actor has been targeting Russian entities with a newly discovered remote access trojan called Woody RAT for at least...
-
4.5KMalwareMicrosoft Links Raspberry Robin USB Worm to Russian Evil Corp Hackers
Microsoft on Friday disclosed a potential connection between the Raspberry Robin USB-based worm and an infamous Russian cybercrime group tracked as Evil...
-
2.0KMalwareHackers Opting New Attack Methods After Microsoft Blocked Macros by Default
With Microsoft taking steps to block Excel 4.0 (XLM or XL4) and Visual Basic for Applications (VBA) macros by default across Office...
-
3.1KMalwareMicrosoft Uncovers Austrian Company Exploiting Windows and Adobe Zero-Day Exploits
A cyber mercenary that “ostensibly sells general security and information analysis services to commercial customers” used several Windows and Adobe zero-day exploits...
-
1.2KMalwareMalicious IIS Extensions Gaining Popularity Among Cyber Criminals for Persistent Access
Threat actors are increasingly abusing Internet Information Services (IIS) extensions to backdoor servers as a means of establishing a “durable persistence mechanism.”...
- Malware
Microsoft Resumes Blocking Office VBA Macros by Default After ‘Temporary Pause’
Microsoft has officially resumed blocking Visual Basic for Applications (VBA) macros by default across Office apps, weeks after temporarily announcing plans to...
-
2.8KVulnerabilitiesMicrosoft Details App Sandbox Escape Bug Impacting Apple iOS, iPadOS, macOS Devices
Microsoft on Wednesday shed light on a now patched security vulnerability affecting Apple’s operating systems that, if successfully exploited, could allow attackers...
-
1.3KVulnerabilitiesMicrosoft Releases Fix for Zero-Day Flaw in July 2022 Security Patch Rollout
Microsoft released its monthly round of Patch Tuesday updates to address 84 new security flaws spanning multiple product categories, counting a zero-day...
-
5.0KMalwareNew ‘SessionManager’ Backdoor Targeting Microsoft IIS Servers in the Wild
A newly discovered malware has been put to use in the wild at least since March 2021 to backdoor Microsoft Exchange servers...
- Malware
Microsoft Warns of Cryptomining Malware Campaign Targeting Linux Servers
A cloud threat actor group tracked as 8220 has updated its malware toolset to breach Linux servers with the goal of installing...
-
1.5KMalwareState-Backed Hackers Using Ransomware as a Decoy for Cyber Espionage Attacks
A China-based advanced persistent threat (APT) group is possibly deploying short-lived ransomware families as a decoy to cover up the true operational...
-
4.4KMalwareBlackCat Ransomware Gang Targeting Unpatched Microsoft Exchange Servers
Microsoft is warning that the BlackCat ransomware crew is leveraging exploits for unpatched Exchange server vulnerabilities to gain access to targeted networks....
-
5.6KMalwareA Microsoft Office 365 Feature Could Help Ransomware Hackers Hold Cloud Files Hostage
A “dangerous piece of functionality” has been discovered in Microsoft 365 suite that could be potentially abused by a malicious actor to...
-
617VulnerabilitiesResearchers Warn of Unpatched “DogWalk” Microsoft Windows Vulnerability
An unofficial security patch has been made available for a new Windows zero-day vulnerability in the Microsoft Support Diagnostic Tool (MSDT), even...
-
2.7KCyber AttackMicrosoft Blocks Iran-linked Lebanese Hackers Targeting Israeli Companies
Microsoft on Thursday said it took steps to disable malicious activity stemming from abuse of OneDrive by a previously undocumented threat actor...
-
4.9KVulnerabilitiesMicrosoft Releases Workarounds for Office Vulnerability Under Active Exploitation
Microsoft on Monday published guidance for a newly discovered zero-day security flaw in its Office productivity suite that could be exploited to...
-
2.1KVulnerabilitiesWatch Out! Researchers Spot New Microsoft Office Zero-Day Exploit in the Wild
Cybersecurity researchers are calling attention to a zero-day flaw in Microsoft Office that could be abused to achieve arbitrary code execution on...
-
213MalwareHackers Trick Users with Fake Windows 11 Downloads to Distribute Vidar Malware
Fraudulent domains masquerading as Microsoft’s Windows 11 download portal are attempting to trick users into deploying trojanized installation files to infect systems...
-
2.1KMalwareHackers Gain Fileless Persistence on Targeted SQL Servers Using a Built-in Utility
Microsoft on Tuesday warned that it recently spotted a malicious campaign targeting SQL Servers that leverages a built-in PowerShell binary to achieve...
