Tag: microsoft

Microsoft Uncovers Flaws in ncurses Library Affecting Linux and macOS Systems

Ncurses, short for "new curses," is a programming library that contains a number of memory corruption flaws that threat actors could use to execute malicious code on Linux and macOS systems. Microsoft Threat Intelligence researchers Jonathan Bar Or, Emanuele Cozzi, and Michael Pearse wrote in a technical report released today: "Using environment variable poisoning, attackers could chain these vulnerabilities to elevate privileges and run code in the context of the targeted program or perform other malicious actions." As of April 2023, the vulnerabilities, collectively tracked as CVE-2023-29491 (CVSS score of 7.8), have been fixed. Microsoft said that it also collaborated with Apple to fix the macOS-specific problems caused by these weaknesses.

Microsoft will block 3rd-party printer drivers in Windows Update

As part of a significant, gradual change in its printer driver strategy over the next four years, Microsoft will stop delivering third-party printer drivers through Windows Update. According to Microsoft, "With the launch of Windows 10 21H2, Windows offers inbox support for Mopria compliant printer devices over network and USB interfaces." As a result, print device makers are no longer required to offer their own installers, drivers, utilities, and other software. Microsoft Offensive Research & Security Engineering (MORSE) lead engineer manager Johnathan Norman says that the company will introduce a new default print mode that disables third-party drivers for printing.

Hackers stole Microsoft signing key from Windows crash dump

Microsoft says that Storm-0558 Chinese hackers compromised a Microsoft engineer's corporate account and stole, from a Windows crash dump, a signing key that was used to get into government email accounts. Using the stolen MSA key, the attackers compromised the Exchange Online and Azure Active Directory (AD) accounts of around twenty organizations, including American government departments like the State and Commerce Departments. They were able to forge signed access tokens and impersonate accounts inside the targeted organizations by taking advantage of a now-patched zero-day validation flaw in the GetAccessTokenForResourceAPI.

Microsoft accounts targeted by EvilProxy phishing kits

According to the cybersecurity firm Proofpoint, a ready-made phishing tool that has targeted thousands of victims is being used to circumvent multifactor authentication (MFA) defenses. Threat actors have widely employed the EvilProxy phishing kit to attack cloud targets and remotely hijack them. Proofpoint has identified over 1.5 million employees who have been targeted. Many of these attacks appear to have targeted Microsoft users. Between March and June, Proofpoint detected about 120,000 phishing emails sent to hundreds of organizations worldwide that use Microsoft 365.

Microsoft Addresses Critical Power Platform Flaw After Delays and Criticism

Microsoft announced on Friday that it has fixed a serious security flaw affecting the Power Platform, but not before drawing criticism for its slow response. The tech giant warned that the flaw "could result in unauthorized access to Custom Code functions used for Power Platform custom connectors." If secrets or other sensitive information were embedded in the Custom Code function, the potential impact could be unintended information disclosure. The company added that no customer action is needed and that there is no evidence that the vulnerability has been actively exploited in the wild.

Microsoft Exposes Russian Hackers' Sneaky Phishing Tactics via Microsoft Teams Chats

On Wednesday, Microsoft announced that it has discovered a series of highly targeted social engineering attacks carried out by a Russian nation-state threat actor, using credential-theft phishing lures sent as Microsoft Teams chats. The tech giant attributed the attacks to a group it tracks as Midnight Blizzard, formerly known as Nobelium. The group is also known as APT29, BlueBravo, Cozy Bear, Iron Hemlock, and The Dukes. "In this latest activity, the threat actor uses previously compromised Microsoft 365 tenants owned by small businesses to create new domains that appear as technical support entities," according to the company.

Chinese Hackers Deploy Microsoft Signed Rootkit to Target Gaming Sector

Cybersecurity researchers have discovered a unique Microsoft-signed rootkit that is designed to communicate with actor-controlled attack infrastructure. According to Trend Micro, the activity cluster has been linked to the actor behind the FiveSys rootkit, which was discovered in October 2021. The gaming industry in China is the principal target of this malicious actor, according to Mahmoud Zohdy, Sherif Magdy, and Mohamed Fahmy of Trend Micro. Their malware appears to have successfully passed the Windows Hardware Quality Labs (WHQL) process for obtaining a valid signature.

Microsoft Thwarts Chinese Cyber Attack Targeting Western European Governments

Microsoft announced on Tuesday that it successfully thwarted a cyberattack by a Chinese nation-state actor that was aimed at two dozen organizations, some of which were government institutions, in an effort to obtain sensitive data. The attacks, which started on May 15, 2023, affected approximately 25 organizations and a limited number of associated individual consumer accounts. The tech giant attributed the campaign to Storm-0558, a nation-state activity group operating out of China that primarily targets Western European governments.

Microsoft Denies Major 30 Million Customer Breach

Microsoft has responded to claims made by a mysterious hacktivist group that it breached the company and obtained access to the accounts of tens of millions of customers. The specifics of Anonymous Sudan's supposed raid were published on Telegram. Anonymous Sudan has previously been connected to Kremlin-friendly organisations like Killnet. "We announce that we have successfully hacked Microsoft and have access to a large database containing more than 30 million Microsoft accounts, emails, and passwords," it wrote in a post viewed by Infosecurity. "If you're interested, get in touch with us using our bot to discuss the price before we start selling this database."

BlackCat Operators Distributing Ransomware Disguised as WinSCP via Malvertising

Threat actors connected to the BlackCat ransomware have been observed using malvertising techniques to spread fake WinSCP installers. In a report released this week, researchers from Trend Micro stated that "malicious actors used malvertising to distribute a piece of malware via cloned webpages of legitimate organizations." In this instance, the distribution used a cloned webpage for the well-known open-source Windows file transfer program WinSCP. Malvertising is the practice of disseminating malware through online advertising by using SEO-poisoning techniques.