Browsing tag
New research has disclosed what’s being called a security vulnerability in Microsoft 365 that could be exploited to infer message contents due to the use of a broken cryptographic algorithm. “The [Office 365 Message Encryption] messages are encrypted in insecure Electronic Codebook (ECB) mode of operation,” Finnish cybersecurity company WithSecure said in a report published […]
A “dangerous piece of functionality” has been discovered in Microsoft 365 suite that could be potentially abused by a malicious actor to mount attacks on cloud infrastructure and ransom files stored on SharePoint and OneDrive. The cloud ransomware attack makes it possible to launch file-encrypting malware to “encrypt files stored on SharePoint and OneDrive in […]
According to researchers, threat actors including Conti ransomware affiliates are exploiting 3 unpatched vulnerabilities that allow unauthenticated, remote code execution on MS Exchange Servers. In late August 2021, it was reported that threat actors are targeting unpatched Microsoft Exchange Servers by exploiting ProxyShell exploits. Now, according to independent findings of researchers at Sophos Labs and […]