Browsing tag
Microsoft on Monday said it detected Kremlin-backed nation-state activity exploiting a now-patched critical security flaw in its Outlook email service to gain unauthorized access to victims’ accounts within Exchange servers. The tech giant attributed the intrusions to a threat actor it called Forest Blizzard (formerly Strontium), which is also widely tracked under the monikers APT28, […]
Microsoft on Friday shared guidance to help customers discover indicators of compromise (IoCs) associated with a recently patched Outlook vulnerability. Tracked as CVE-2023-23397 (CVSS score: 9.8), the critical flaw relates to a case of privilege escalation that could be exploited to steal NT Lan Manager (NTLM) hashes and stage a relay attack without requiring any […]
Microsoft’s Patch Tuesday update for March 2023 is rolling out with remediations for a set of 80 security flaws, two of which have come under active exploitation in the wild. Eight of the 80 bugs are rated Critical, 71 are rated Important, and one is rated Moderate in severity. The updates are in addition to […]
Researchers discovered a new wave of FTCODE ransomware campaign that steal browsers login credentials and Encrypt files in Windows systems. FTCODE ransomware was first observed in 2013, it uses the Windows PowerShell program to perform file encryption. The ransomware resurfaced again starting from last year September, according to Certego analysis of the FTCODE ransomware, it […]
According to web application security specialists, a recently patched vulnerability in Microsoft login system could have been exploited to trick some users into granting hackers full access to their online accounts. Thanks to the presence of this vulnerability, threat actors were able to inadvertently extract access tokens, so they could access victims’ accounts without having […]
Users of the popular e-commerce website eBay were surprised to find that the company’s email logo was replaced by the image of a nude woman. The exact cause of the incident is not yet known, although information security services experts fear that it is the attack of a dangerous group of malicious hackers. Site users […]
USCYBERCOM published an alert that hackers were exploiting the CVE-2017-11774 Microsoft Outlook Security Vulnerability to deliver malware using an HTTPS domain. Microsoft already patched the vulnerability in 2017 and the USCYBERCOM alert refers to the ongoing campaign that exploiting CVE-2017-11774. Users are advised to ensure that they have patched the vulnerability. — USCYBERCOM Malware Alert […]
Cyber forensics course specialists report that a group of hackers have infiltrated some email accounts from Outlook users to steal several virtual assets, including Bitcoin. The total stolen amount is still unknown, although it is speculated that it could be a considerable sum. One of the victims, a Dutch engineer, claims that a threat actor […]
Microsoft has revealed that a group of unknown hackers has perpetrated a data breach in some of the company’s systems; according to cyber forensics course experts from the International Institute of Cyber Security (IICS), hackers would have compromised the log in credentials of some members of the company’s technical support team, thanks to this, they […]
As part of another data breach (this time involving Microsoft), several users’ Outlook accounts were accessed by hackers for three months. According to a report by The Verge, a support agent’s account was hacked by unnamed hackers from January 2019 to March 28, 2019, due to which the malicious attackers could get access to several […]
Microsoft announced a data breach by unknown hackers who have compromised the Microsoft technical support agent’s credentials and gain access to some of the Microsoft customer’s Email. Cybercriminals breached the Microsoft network between January 1 and March 28 and compromise the Microsoft support agent’s credentials. Microsoft notified to the customer via Email on Friday said, […]
The investigator who discovered the error will be rewarded by the company Sahad Nk, a digital forensics expert from India and partner in a cybersecurity firm, has received a reward from Microsoft as part of the company’s bug report program thanks to the discovery and reporting of a series of critical vulnerabilities present in […]
A bug bounty hunter from India, Sahad Nk who works forSafetyDetective, a cybersecurity firm, has received a reward from Microsoft for uncovering and reporting a series of critical vulnerabilities in Microsoft accounts. These vulnerabilities were present on users’ Microsoft accounts from MS Office files to Outlook emails. This means, all kinds of accounts (over 400 […]
The bug would allow attackers to steal Windows credentials literally without any difficulty. A critical Outlook bug that was identified over a year back has been fixed by Microsoft now. It was found to be capable of leaking password hashes when a user previews an RTF (rich text format) email containing remotely hosted OLE objects. […]
Most people rely on Outlook email address for work-related as well as personal tasks. Unfortunately, Outlook may not be as secure as we users would like to think. According to a report published by information security training experts at the Carnegie Mellon Software Engineering Institute, Outlook comes with a security bug that could trigger password hash leaks […]
Fixed by Microsoft’s latest patches, bug could be “enterprise killer,” says researcher. One of a heaping collection of critical bug fixes pushed out by Microsoft on December 8 as part of the company’s monthly “Patch Tuesday” was an update to the Microsoft Office suite designed to close a vulnerability that would allow an attacker to […]
It is easy to hack a domain and set up scams for visitors but using a government email address to run a phishing campaign is a bit odd. Recently, I received an email which of course went straight to spam. I wouldn’t care if it was a random email but, in fact, it was from a state […]
‘Discontinue Support’—Latest Phishing Scam Targeting Microsoft Outlook Users. An email is being circulated by cybercriminals that appears to be sent by Outlook.com team informing users that on 11th May 2015, MS Outlook will be discontinuing “support on your account and security.” The message is nothing else but another crude phishing attempt. The email warns users […]
Another Phishing Scam Targeting Microsoft Outlook – The Request To Terminate Outlook Account Email is nothing but a Fraud. A new wave of phishing scams targeting Microsoft outlook has emerged. In this latest feat, an email is being sent to users. The email states that a request from you has been received by the “Microsoft Account Team” […]
A developer claims that the newly launched Outlook app for iOS breaks your companies security for mobile PIM access on many levels. This was claim about the Microsoft app, which was released this Thursday, was made by René Winkelmeyer. The company released this email management and cloud-based app after its Acompli buyout, which helped Microsoft […]
Outlook email users of China faced an outage over the weekend, possibly a victim of man-in-the-middle attack, according to media reports. Chinese users could not access the Outlook email, a free email service from the Microsoft, on Jan 17. Only IMAP and SMTP protocols on desktop and mobile were affected while the web interface remained […]