Top

Tag: Microsoft


Data loss, Threats & Malware

New Rust-based malware targets Microsoft Windows, abuses Powershell, and steals sensitive info

June 20, 2024

Via: TechRadar

Security pros are warning of a new infostealer being distributed using different methods across the internet. Fickle Stealer does the usual tactics – steals sensitive files, system information, files stored in the browser, cryptocurrency wallet information, and more – but […]


Threats & Malware, Vulnerabilities

Security bug could have allowed anyone to spoof Microsoft employee emails

June 19, 2024

Via: TechRadar

Security researchers recently claimed to have found a flaw that could allow threat actors to spoof Microsoft corporate emails. A cybersecurity researcher with the alias Slonser (full name Vsevolod Kokorin, according to TechCrunch) recently posted on X with a telling […]


Threats & Malware, Virus & Malware

North Korea building cash reserves using ransomware, video games

May 29, 2024

Via: The Register

A brand-new cybercrime group that Microsoft ties to North Korea is tricking targets using fake job opportunities to launch malware and ransomware, all for financial gain. Microsoft tracks this group as “Moonstone Sleet” and says it has been active since […]


Privacy protection, Security

Windows Recall — a ‘privacy nightmare’?

May 24, 2024

Via: Computerworld

Windows Recall, the new feature that records a user’s screen at regular intervals, has been labelled a “privacy nightmare” due to potential data privacy and security risks. Microsoft announced the generative AI-based tool on Monday; it records “snapshots” of a […]


Hacker, Threats & Malware

Microsoft Warns: North Korean Hackers Turn to AI-Fueled Cyber Espionage

April 22, 2024

Via: The Hacker News

Microsoft has revealed that North Korea-linked state-sponsored cyber actors has begun to use artificial intelligence (AI) to make its operations more effective and efficient. “They are learning to use tools powered by AI large language models (LLM) to make their […]


Threats & Malware, Vulnerabilities

Microsoft fixed two zero-day bugs exploited in malware attacks

April 11, 2024

Via: Security Affairs

Microsoft Patches Tuesday security updates for April 2024 addressed 147 vulnerabilities in multiple products. This is the highest number of fixed issues from Microsoft this year and the largest since at least 2017. The issues impact Microsoft Windows and Windows […]


Data loss, Threats & Malware

Microsoft confirms memory leak in March Windows Server security update

March 25, 2024

Via: The Register

If your Windows domain controllers have been crashing since a security update was installed earlier this month, there’s no longer any need to speculate why: Microsoft has admitted it introduced a memory leak in its March patches and fixed the […]


Hacker, Threats & Malware

Russian Hackers Gained Access to Microsoft Source Code, Customer Secrets

March 11, 2024

Via: SecureWorld

In a sobering update released March 8th, Microsoft has revealed that the Russian state-sponsored hacking group Midnight Blizzard, also tracked as Nobelium, has gained unauthorized access to some of the company’s source code repositories and internal systems. This follows an […]


Application security, Security

OpenAI, Microsoft Disrupt Nation-State Actors’ Malicious Use of AI

February 20, 2024

Via: SecureWorld

OpenAI and Microsoft recently collaborated to identify and disrupt several nation-state actors who were attempting to use AI services for malicious cyber activities. According to Microsoft, the disrupted threat actors were affiliated with China, Iran, North Korea, and Russia. Their […]


Cyber-crime, Malware

Iran’s cyber operations in Israel a potential prelude to US election interference

February 7, 2024

Via: The Register

Iran’s anti-Israel cyber operations are providing a window into the techniques the country may deploy in the run-up to the 2024 US Presidential elections, Microsoft says. An analysis of Iran’s activity, published by Microsoft Threat Analysis Center (MTAC) today, concluded […]


Data loss, Threats & Malware

Russian hackers breached Microsoft, HPE corporate maliboxes

January 25, 2024

Via: Help Net Security

Cozy Bear (aka Midnight Blizzard, aka APT29) has been busy hacking and spying on big tech companies: both Microsoft and Hewlett Packard Enterprise (HPE) have recently disclosed successful attack campaigns by the Russia-affiliated APT group. The Microsoft breach Last Friday, […]


Data loss, Threats & Malware

What Microsoft’s latest email breach says about this IT security heavyweight

January 24, 2024

Via: The Register

For most organizations – especially security vendors – disclosing a corporate email breach, in which executives’ internal messages and attachments were stolen, would noticeably ding their stock prices. But Microsoft apparently doesn’t operate by the laws of Wall Street. Late […]


Cyber warfare, Cyber-crime

Microsoft: Iranian Hackers Evolving Techniques in Espionage Campaigns

January 19, 2024

Via: SecureWorld

Microsoft has released a report detailing recent activity by Mint Sandstorm, an Iranian state-sponsored hacking group, targeting high-profile academics and researchers working on Middle Eastern affairs. The report highlights new tactics and malware, signaling an escalation in capabilities. According to […]


Threats & Malware, Virus & Malware

So, are we going to talk about how GitHub is an absolute boon for malware, or nah?

January 12, 2024

Via: The Register

The popularity of Github has made it too big to block, which is a boon to dissidents ducking government censors but a problem for internet security. GitHub says it is used by more than 100 million developers around the world. […]


Application security, Security

Microsoft to Add Dedicated AI Copilot Button on Windows PCs

January 8, 2024

Via: SecureWorld

In a bold move that promises to redefine the way users interact with their computers, Microsoft has announced the integration of a dedicated Copilot button on the keyboards of its Windows PCs. This innovative step signifies a major leap forward […]


Threats & Malware, Virus & Malware

Microsoft disables one of its own software tools following multiple malware attacks

December 29, 2023

Via: TechRadar

Microsoft has disabled the ms-appinstaller protocol handler as default after it found new evidence of hackers using it to deploy malware. “The observed threat actor activity abuses the current implementation of the ms-appinstaller protocol handler as an access vector for […]


Threats & Malware, Vulnerabilities

Before you go away for Xmas: You’ve patched that critical Perforce Server hole, right?

December 19, 2023

Via: The Register

Four vulnerabilities in Perforce Helix Core Server, including one critical remote code execution bug, should be patched “immediately,” according to Microsoft, which spotted the flaws and disclosed them to the software vendor. Perforce Server is a source code management platform […]


Threats & Malware, Virus & Malware

Money-grubbing crooks abuse OAuth – and baffling absence of MFA – to do financial crimes

December 14, 2023

Via: The Register

Multiple miscreants are misusing OAuth to automate financially motivated cyber crimes – such as business email compromise (BEC), phishing, large-scale spamming campaigns – and deploying virtual machines to illicitly mine for cryptocurrencies, according to Microsoft. OAuth, short for Open Authorization, […]


Network security, Security

Attacks abuse Microsoft DHCP to spoof DNS records and steal secrets

December 8, 2023

Via: The Register

A series of attacks against Microsoft Active Directory domains could allow miscreants to spoof DNS records, compromise Active Directory and steal all the secrets it stores, according to Akamai security researchers. We’re told the attacks – which are usable against […]


Network security, Security

Microsoft’s bug bounty turns 10. Are these kinds of rewards making code more secure?

November 22, 2023

Via: The Register

Microsoft’s bug bounty program celebrated its tenth birthday this year, and has paid out $63 million to security researchers in that first decade – with $60 million awarded to bug hunters in the past five years alone, according to Redmond. […]