Search cyberveille.decio.ch

Found 257 bookmarks

Newest

Cyber Signals: Inside the growing risk of gift card fraud

In the ever-evolving landscape of cyberthreats, staying ahead of malicious actors is a constant challenge. The latest edition of Cyber Signals dives deep into the world of Storm-0539, also known as Atlas Lion, shedding light on their sophisticated methods of gift and payment card theft.

#microsoft #EN #2024 #gift-card #fraud #Storm-0539 #payment #card

·microsoft.com·May 27, 2024

Cyber Signals: Inside the growing risk of gift card fraud

How ransomware abuses BitLocker | Securelist

The Kaspersky GERT has detected a VBS script that has been abusing Microsoft Windows features by modifying the system to lower the defenses and using the local MS BitLocker utility to encrypt entire drives and demand a ransom. #BitLocker #Data #Descriptions #Encryption #Incident #Malware #Microsoft #Ransomware #Technologies #Windows #response

#Descriptions #Incident #BitLocker #Microsoft #Windows #Encryption #Ransomware #Malware #response #Data #Technologies

·securelist.com·May 25, 2024

How ransomware abuses BitLocker | Securelist

Microsoft will require MFA for all Azure users

Multi-factor authentication makes you, your company and your cloud investments safer

#microsoft #EN #2024 #announce #announcement #MFA #Azure #Multi-factor #authentication

·techcommunity.microsoft.com·May 18, 2024

Microsoft will require MFA for all Azure users

Threat actors misusing Quick Assist in social engineering attacks leading to ransomware

Microsoft Threat Intelligence has observed Storm-1811 misusing the client management tool Quick Assist to target users in social engineering attacks that lead to malware like Qakbot followed by Black Basta ransomware deployment.

#microsoft #EN #2024 #QuickAssist #Ransomware #Qakbot #BlackBasta

·microsoft.com·May 16, 2024

Threat actors misusing Quick Assist in social engineering attacks leading to ransomware

Employee Personal GitHub Repos Expose Internal Azure and Red Hat Secrets

Our research reveals that personal repositories often expose sensitive corporate data, leading to severe security breaches

#aquasec #EN #2024 #GitHub #Repos #Exposed #Redhat #Microsoft #tokens

·aquasec.com·May 16, 2024

Employee Personal GitHub Repos Expose Internal Azure and Red Hat Secrets

Watch out for tech support scams lurking in sponsored search results

Our researchers found fake sponsored search results that lead consumers to a typical fake Microsoft alert site set up by tech support scammers.

#malwarebytes #EN #2024 #scam #fake-support #Microsoft #GoogleAds

·malwarebytes.com·May 3, 2024

Watch out for tech support scams lurking in sponsored search results

“Dirty stream” attack: Discovering and mitigating a common vulnerability pattern in Android apps

Microsoft discovered a vulnerability pattern in multiple popular Android applications that could enable a malicious application to overwrite files in the vulnerable application’s internal data storage directory, which could lead to arbitrary code execution and token theft, among other impacts. We have shared our findings with Google’s Android Application Security Research team, as well as the developers of apps found vulnerable to this issue. We anticipate that the vulnerability pattern could be found in other applications. We’re sharing this research more broadly so developers and publishers can check their apps for similar issues, fix as appropriate, and prevent them from being introduced into new apps or releases.

#microsoft #EN #2024 #Android #vulnerable #application #share #Dirty-stream

·microsoft.com·May 3, 2024

“Dirty stream” attack: Discovering and mitigating a common vulnerability pattern in Android apps

Microsoft needs to win back trust

Microsoft has faced a series of security issues in recent years. Now, the company is trying to win back trust and focus on security as a top priority.

#theverge #EN #2024 #trust #Microsoft #security #issues

·theverge.com·May 2, 2024

Microsoft needs to win back trust

Attackers exploiting new critical OpenMetadata vulnerabilities on Kubernetes clusters

Microsoft recently uncovered an attack that exploits new critical vulnerabilities in OpenMetadata to gain access to Kubernetes workloads and leverage them for cryptomining activity.

#microsoft #EN #2024 #OpenMetadata #Kubernetes #CVE-2024-28255 #CVE-2024-28847 #CVE-2024-28253 #CVE-2024-2884 #CVE-2024-28254

·microsoft.com·Apr 18, 2024

Attackers exploiting new critical OpenMetadata vulnerabilities on Kubernetes clusters

The US Government Has a Microsoft Problem

Microsoft has stumbled through a series of major cybersecurity failures over the past few years. Experts say the US government’s reliance on its systems means the company continues to get a free pass.

#wired #EN #2024 #microsoft #cybersecurity #us-government #china #russia #US #problem

·wired.com·Apr 16, 2024

The US Government Has a Microsoft Problem

CISA: Email from federal agencies possibly accessed in Russian breach of Microsoft

CISA publicly released an emergency directive issued to federal agencies earlier this month, detailing how a breach at Microsoft could have affected the government.

#therecord #EN #2024 #CISA #Microsoft #Breach #government #email

·therecord.media·Apr 15, 2024

CISA: Email from federal agencies possibly accessed in Russian breach of Microsoft

Microsoft could have prevented Chinese cloud email hack, US cyber report says

Microsoft needs a security culture overhaul, a US report concludes. The software giant could have prevented a cloud email hack in 2023.

#theverge #EN #2024 #Microsoft #cloud #email #cascade-of-security-failures #Storm0558 #DHS

·theverge.com·Apr 3, 2024

Microsoft could have prevented Chinese cloud email hack, US cyber report says

Key Lesson from Microsoft's Password Spray Hack: Secure Every Account

In January 2024, Microsoft discovered they'd been the victim of a hack orchestrated by Russian-state hackers Midnight Blizzard (sometimes known as Nobelium). The concerning detail about this case is how easy it was to breach the software giant. It wasn't a highly technical hack that exploited a zero-day vulnerability – the hackers used a simple password spray attack to take control of an old, inactive account. This serves as a stark reminder of the importance of password security and why organizations need to protect every user account.

#thehackernews #EN #2024 #Microsoft #MidnightBlizzard #lesson-learned #password-spray

·thehackernews.com·Mar 30, 2024

Key Lesson from Microsoft's Password Spray Hack: Secure Every Account

Microsoft Threat Intelligence unveils targets and innovative tactics amidst tax season

Read the new Microsoft Threat Intelligence tax season report to learn about the techniques that threat actors use to mislead taxpayers.

#microsoft #EN #2024 #phishing #tax #HTML #lure

·microsoft.com·Mar 21, 2024

Microsoft Threat Intelligence unveils targets and innovative tactics amidst tax season

Microsoft Copilot for Security: General Availability details

Microsoft Copilot for Security will be generally available on April 1st. Read this blog to learn about new productivity research, product capabilities,..

#techcommunity.microsoft #EN #2024 #AI #Microsoft #Copilot #for #Security #annonce #tool

·techcommunity.microsoft.com·Mar 20, 2024

Microsoft Copilot for Security: General Availability details

Microsoft publie son outil interne de test de sécu d'IA générative

PyRIT peut générer des milliers de messages malveillants pour tester un modèle d'IA générative, et même évaluer sa réponse.

#ZDNet #2024 #FR #outil #PyRIT #Microsoft #test #IA

·zdnet.fr·Mar 17, 2024

Microsoft publie son outil interne de test de sécu d'IA générative

Russian spies keep hacking into Microsoft in 'ongoing attack,' company says

Microsoft says the ongoing hacking is part of the Russian government's efforts to figure out what information Microsoft has on its hackers.

#techcrunch #EN #2024 #cyberattack #hacking #microsoft #MidnightBlizzard

·techcrunch.com·Mar 8, 2024

Russian spies keep hacking into Microsoft in 'ongoing attack,' company says

Update on Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard | MSRC Blog | Microsoft Security Response Center

Update on Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard

#Microsoft #EN #2024 #incident #update #Midnight #MidnightBlizzard

·msrc.microsoft.com·Mar 8, 2024

Update on Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard | MSRC Blog | Microsoft Security Response Center

Microsoft AI engineer says Copilot Designer creates disturbing images

Shane Jones, who’s worked at Microsoft for six years, has been testing the company’s AI image generator in his free time and told CNBC he is disturbed by his findings. He’s warned Microsoft of the sexual and violent content that the product, Copilot Designer, is creating, but said the company isn’t taking appropriate action. On Wednesday, Jones escalated the matter, sending letters to FTC Chair Lina Khan and to Microsoft’s board, which were viewed by CNBC.

#cnbc #EN #2024 #Microsoft #AI #engineer #Copilot #Designer #creates #disturbing #images

·cnbc.com·Mar 7, 2024

Microsoft AI engineer says Copilot Designer creates disturbing images

Internet Society veut empêcher Microsoft d'héberger les données de santé des Français

Un ONG dépose un recours auprès du Conseil d'État pour empêcher Microsoft d'héberger les données de santé des Français.

#siecledigital #FR #2024 #souveraineté #cloud #Microsoft #France #ONG

·siecledigital.fr·Feb 22, 2024

Internet Society veut empêcher Microsoft d'héberger les données de santé des Français

Community Alert: Ongoing Malicious Campaign Impacting Azure Cloud Environments

Over the past weeks, Proofpoint researchers have been monitoring an ongoing cloud account takeover campaign impacting dozens of Microsoft Azure environments and compromising hundreds of user accoun...

#proofpoint #EN #2024 #Microsoft #Azure #Campaign #compromise #cloud-security #phishing #MFA

·proofpoint.com·Feb 13, 2024

Community Alert: Ongoing Malicious Campaign Impacting Azure Cloud Environments

DarkGate malware delivered via Microsoft Teams - detection and response

While most end users are well-acquainted with the dangers of traditional phishing attacks, such as those delivered via email or other media, a large proportion are likely unaware that Microsoft Teams chats could be a phishing vector. Most Teams activity is intra-organizational, but Microsoft enables External Access by default, which allows members of one organization to add users outside the organization to their Teams chats. Perhaps predictably, this feature has provided malicious actors a new avenue by which to exploit untrained or unaware users.

#cybersecurity.att.com #EN #2024 #Microsoft #Teams #phishing #malware

·cybersecurity.att.com·Feb 1, 2024

DarkGate malware delivered via Microsoft Teams - detection and response

Midnight Blizzard: Guidance for responders on nation-state attack

The Microsoft security team detected a nation-state attack on our corporate systems on January 12, 2024, and immediately activated our response process to investigate, disrupt malicious activity, mitigate the attack, and deny the threat actor further access. The Microsoft Threat Intelligence investigation identified the threat actor as Midnight Blizzard, the Russian state-sponsored actor also known as NOBELIUM.

#microsoft #2024 #EN #Midnight #MidnightBlizzard #guide #attack #TTP

·microsoft.com·Jan 26, 2024

Midnight Blizzard: Guidance for responders on nation-state attack

Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard

#microsoft #EN #2024 #annonce #MidnightBlizzard #APT29

·msrc.microsoft.com·Jan 20, 2024

Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard

Microsoft network breached through password-spraying by Russian-state hackers

Senior execs' emails accessed in network breach that wasn't caught for 2 months.

#arstechnica #en #2024 #Microsoft #email #theft #Russia #APT29 #breached #password-spray

·arstechnica.com·Jan 20, 2024

Microsoft network breached through password-spraying by Russian-state hackers

Microsoft's Top Execs' Emails Breached in Sophisticated Russia-Linked APT Attack

Microsoft on Friday revealed that it was the target of a nation-state attack on its corporate systems that resulted in the theft of emails and attachments from senior executives and other individuals in the company's cybersecurity and legal departments. The Windows maker attributed the attack to a Russian advanced persistent threat (APT) group it tracks as Midnight Blizzard (formerly Nobelium), which is also known as APT29, BlueBravo, Cloaked Ursa, Cozy Bear, and The Dukes.

#thehackernews #en #2024 #Microsoft #APT29 #Russia #theft #mail #executives #attack #MidnightBlizzard

·thehackernews.com·Jan 20, 2024

Microsoft's Top Execs' Emails Breached in Sophisticated Russia-Linked APT Attack

Act Now: CISA Flags Active Exploitation of Microsoft SharePoint Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security vulnerability impacting Microsoft SharePoint Server to its

#redpacketsecurity #EN #2024 #CISA #Microsoft #SharePoint #CVE-2023-29357

·redpacketsecurity.com·Jan 12, 2024

Act Now: CISA Flags Active Exploitation of Microsoft SharePoint Vulnerability

Microsoft disables MSIX protocol handler abused in malware attacks

Microsoft has again disabled the MSIX ms-appinstaller protocol handler after multiple financially motivated threat groups abused it to infect Windows users with malware.

#bleepingcomputer #EN #2023 #App-Installer #Malware #Windows #Microsoft #MSIX #CVE-2021-43890

·bleepingcomputer.com·Dec 28, 2023

Microsoft disables MSIX protocol handler abused in malware attacks

Threat actors misuse OAuth applications to automate financially driven attacks

Microsoft Threat Intelligence presents cases of threat actors misusing OAuth applications as automation tools in financially motivated attacks.

#microsoft #EN #2023 #OAuth #applications #automation #tools #attacks

·microsoft.com·Dec 13, 2023

Threat actors misuse OAuth applications to automate financially driven attacks

Star Blizzard increases sophistication and evasion in ongoing attacks

Microsoft Threat Intelligence continues to track and disrupt malicious activity attributed to a Russian state-sponsored actor we track as Star Blizzard, who has improved their detection evasion capabilities since 2022 while remaining focused on email credential theft against targets.

#microsoft #EN #2023 #Threat #Intelligence #Star-Blizzard #attacks #analysis

·microsoft.com·Dec 8, 2023

Star Blizzard increases sophistication and evasion in ongoing attacks