Tag: Microsoft News

Microsoft Uncovers Flaws in ncurses Library Affecting Linux and macOS Systems
15Sep By RBNo Comments
News

Microsoft Uncovers Flaws in ncurses Library Affecting Linux and macOS Systems

Ncurses, short for "new curses," is a programming library that contains a number of memory corruption problems that could be used by threat actors to execute malicious code on Linux and macOS systems. Researchers from Microsoft Threat Intelligence Jonathan Bar Or, Emanuele Cozzi, and Michael Pearse wrote in a technical report released today: "Using environment variable poisoning, attackers could chain these vulnerabilities to elevate privileges and run code in the context of the targeted program or perform other malicious actions." As of April 2023, the vulnerabilities, collectively tracked as CVE-2023-29491 (CVSS score of 7.8), have been fixed. Microsoft claimed that it also collaborated with Apple to fix the macOS-specific problems caused by these weaknesses read more Microsoft Un...
Read More
Microsoft Exposes Russian Hackers Sneaky Phishing Tactics via Microsoft Teams Chats
4Aug By RBNo Comments
News

Microsoft Exposes Russian Hackers Sneaky Phishing Tactics via Microsoft Teams Chats

On Wednesday, Microsoft announced that it has discovered a series of extremely specific social engineering operations carried out by a Russian nation-state threat actor utilising phishing lures for credential theft sent as Microsoft Teams chats. The tech behemoth blamed the attacks on Midnight Blizzard, formerly known as Nobelium, a group it tracks. APT29, BlueBravo, Cosy Bear, Iron Hemlock, and The Dukes are some more names for it. The threat actor "in this latest activity, the threat actor uses previously compromised Microsoft 365 tenants owned by small businesses to create new domains that appear as technical support entities," according to the company read more Microsoft Exposes Russian Hackers' Sneaky Phishing Tactics via Microsoft Teams Chats. Stay informed with the best cy...
Read More
Microsoft Expands Cloud Logging to Counter Rising Nation State Cyber Threats
20Jul By RBNo Comments
News

Microsoft Expands Cloud Logging to Counter Rising Nation State Cyber Threats

After receiving criticism in the aftermath of a recent espionage attack operation targeted at its email infrastructure, Microsoft announced on Wednesday that it is increasing cloud logging capabilities to help organisations investigate cybersecurity issues and gain more visibility. The tech behemoth claimed that the change is a direct reaction to the evolution and increased frequency of nation-state cyber threats. It is anticipated to roll out to all government and commercial users beginning in September 2023. According to Vasu Jakkal, corporate vice president of security, compliance, identity, and management at Microsoft, "over the coming months, we will include access to wider cloud security logs for our customers worldwide at no additional cost read more Microsoft Expands Cloud L...
Read More
New hacking unit within Russian military intelligence identified by Microsoft
16Jun By RBNo Comments
News

New hacking unit within Russian military intelligence identified by Microsoft

According to Microsoft, hackers connected to Russia's military intelligence organization, the GRU, are responsible for cyberattacks against Ukrainian government organizations and IT providers. In a blog post, Tom Burt, corporate vice president for customer security and trust at Microsoft, claimed that a threat actor known as Cadet Blizzard is responsible for continuous hacking actions that started in February 2023. Additionally, the gang is linked to the damaging data-wiping assaults that plagued Ukraine prior to Russia's invasion read more New hacking unit within Russian military intelligence identified by Microsoft. Stay one step ahead of cyber threats with ReconBee.com. Explore our comprehensive coverage of recent cyber attacks, cybersecurity awareness, and the latest cybersec...
Read More
Microsoft Brings OpenAI Tech to US Agencies
9Jun By RBNo Comments
News

Microsoft Brings OpenAI Tech to US Agencies

Microsoft has launched a new OpenAI technology integration into its services that aims to give US federal agencies better insights while also placing a higher priority on information security. The IT behemoth said in a blog post on Wednesday that the connection enables government bodies to utilise Microsoft Azure OpenAI Service's capabilities. Sensitive data would be protected by bridging the gap between commercial and government cloud operations, according to Microsoft, allowing the platform to adhere to US regulatory criteria for classification and security read more Microsoft Brings OpenAI Tech to US Agencies. Stay one step ahead of cyber threats with ReconBee.com. Explore our comprehensive coverage of recent cyber attacks, cybersecurity awareness, and the latest cybersecurity...
Read More
Microsoft Warns of Increase in Business Email Compromise Attacks
22May By RBNo Comments
News

Microsoft Warns of Increase in Business Email Compromise Attacks

New research from Microsoft alerts businesses to the worrisome rise in business email compromise (BEC) assaults and the changing strategies used by cybercriminals. According to the Cyber Signals study, "The Confidence Game," which offers a thorough overview of the threat landscape from April 2022 to April 2023, the business's systems presently detect and look into an average of 156,000 BEC attacks every day. Over the previous four years, there has been a 38% increase in these attacks. Microsoft's research indicates that attackers are increasingly using tools like BulletProftLink to plan extensive malicious email campaigns read more Microsoft Warns of Increase in Business Email Compromise Attacks. With ReconBee.com Stay ahead of the latest threats with in-depth coverage of cyber a...
Read More
Microsoft Confirms PaperCut Servers Used to Deliver LockBit and Cl0p Ransomware
28Apr By RBNo Comments
News

Microsoft Confirms PaperCut Servers Used to Deliver LockBit and Cl0p Ransomware

Microsoft has determined that attacks aimed at delivering the Cl0p and LockBit ransomware families are connected to the active exploitation of PaperCut servers. A portion of the incursions are being attributed by the tech giant's threat intelligence team to an actor it tracks by the name of Lace Tempest (formerly known as DEV-0950), who shares similarities with other hacker outfits including FIN11, TA505, and Evil Corp. Microsoft stated in a series of tweets that in the attacks it has observed, "Lace Tempest ran multiple PowerShell commands to deliver a TrueBot DLL, which connected to a C2 server, attempted to steal LSASS credentials, and injected the TrueBot payload into the conhost.exe service read more Microsoft Confirms PaperCut Servers Used to Deliver LockBit and Cl0p Ransomwar...
Read More
Microsoft lets generative AI loose on cybersecurity
29Mar By RBNo Comments
News

Microsoft lets generative AI loose on cybersecurity

Microsoft unveiled Security Copilot today as part of its ongoing effort to incorporate generative AI into all of its products. This new tool promises to "summarise" and "make sense" threat intelligence. Microsoft promoted Security Copilot in a vague statement as a mechanism to correlate attack data while prioritising security problems. Several tools already perform this. Yet Microsoft claims that generative AI models from OpenAI, notably the recently released text-generating GPT-4, improve Security Copilot, which interfaces with its current security product range read more Microsoft lets generative AI loose on cybersecurity. With ReconBee.com Stay ahead of the latest threats with in-depth coverage of cyber attacks and cybersecurity trends, and the latest cybersecurity news.
Read More
Follow Us on Twitter
Follow Us on LinkedIn
Follow Us on YouTube
Follow Us on Facebook