Microsoft disables MSIX protocol handler abused in malware attacks
Microsoft has again disabled the MSIX ms-appinstaller protocol handler after multiple financially motivated threat groups abused it to infect Windows users with malware.
Threat actors misuse OAuth applications to automate financially driven attacks
Microsoft Threat Intelligence presents cases of threat actors misusing OAuth applications as automation tools in financially motivated attacks.
Star Blizzard increases sophistication and evasion in ongoing attacks
Microsoft Threat Intelligence continues to track and disrupt malicious activity attributed to a Russian state-sponsored actor we track as Star Blizzard, who has improved their detection evasion capabilities since 2022 while remaining focused on email credential theft against targets.
Windows 10 gets three more years of security updates, if you can afford them | Ars Technica
Windows 10's end-of-support date is October 14, 2025. That's the day that most Windows 10 PCs will receive their last security update and the date when most people should find a way to move to Windows 11 to ensure that they stay secure. As it has done for other stubbornly popular versions of Windows, though, Microsoft is offering a reprieve for those who want or need to stay on Windows 10: three additional years of security updates, provided to those who can pay for the Extended Security Updates (ESU) program.
Microsoft Patch Tuesday November 2023
Today, Microsoft released patches for 64 different vulnerabilities in Microsoft products, 14 vulnerabilities in Chromium affecting Microsoft Edge, and five vulnerabilities affecting Microsoft's Linux distribution, Mariner. Three of these vulnerabilities are already being exploited, and three have been made public before the release of the patches.
Détournement de Microsoft et Cloudflare au cours d’une nouvelle attaque de QRishing
Une récente attaque de QRishing a été détectée par Vade. Découvrez l’attaque en détail et les mesures à prendre pour protéger votre entreprise.
Microsoft Temporarily Blocked Internal Access to ChatGPT, Citing Data Concerns
The company later restored access to the chatbot, which is owned by OpenAI.
%2Fcdn.vox-cdn.com%2Fuploads%2Fchorus_asset%2Ffile%2F25067537%2F1770213731.jpg?width=92&height=&ar=&mode=&format=avif&dpr=2)
Microsoft offers politicians protection against deepfakes
Microsoft will launch digital watermarking tools to combat deep fakes and offer services to political campaigns for cybersecurity and using AI.
New Microsoft Exchange zero-days allow RCE, data theft attacks
Microsoft Exchange is impacted by four zero-day vulnerabilities that attackers can exploit remotely to execute arbitrary code or disclose sensitive information on affected installations.
ZDI-23-1578 | Zero Day Initiative
(0Day) Microsoft Exchange ChainedSerializationBinder Deserialization of Untrusted Data Remote Code Execution Vulnerability
%2Fcdn.vox-cdn.com%2Fuploads%2Fchorus_asset%2Ffile%2F24347781%2FSTK095_Microsoft_03.jpg?width=92&height=&ar=&mode=&format=avif&dpr=2)
Microsoft is overhauling its software security after major Azure cloud attacks
Microsoft is making big changes to its cybersecurity approach. It comes after major cloud attacks in recent years and will mean an overhaul to how software is built inside Microsoft.
Microsoft profiles new threat group with unusual but effective practices
Octo Tempest employs tactics that many of its targets aren't prepared for.
Octo Tempest crosses boundaries to facilitate extortion, encryption, and destruction
Microsoft has been tracking activity related to the financially motivated threat actor Octo Tempest, whose evolving campaigns represent a growing concern for many organizations across multiple industries.
The evolution of Windows authentication
Discover how we’re securing authentication and reducing NTLM usage in Windows.
Microsoft Defender Flags Tor Browser as a Trojan and Removes it from the System
Windows users have recently begun mass-reporting that Microsoft's Defender antivirus program, which is integrated into Windows 10 and 11 by default, is
38TB of data accidentally exposed by Microsoft AI researchers | Wiz Blog
Wiz Research found a data exposure incident on Microsoft’s AI GitHub repository, including over 30,000 internal Microsoft Teams messages – all caused by one misconfigured SAS token
Leaked Microsoft documents hint at new Doom and Dishonored games
Bethesda's roadmap for the fiscal years starting in 2020 and ending in 2024 has made its way online as part of the documents leaked from the FTC v. Microsoft case.
Microsoft AI Employee Accidentally Leaks 38TB of Data
A software repository on GitHub dedicated to supplying open-source code and AI models for image recognition was left open to manipulation by bad actors thanks to an insecure URL.
%2Fcloudfront-us-east-2.images.arcpublishing.com%2Freuters%2FERXLSAZCHFP3RDULRLS5A7EU5E.jpg?width=92&height=&ar=&mode=&format=avif&dpr=2)
Microsoft to defend customers on AI copyright challenges
Microsoft will pay legal damages on behalf of customers using its artificial intelligence (AI) products if they are sued for copyright infringement for the output generated by such systems, the company said on Thursday.
Microsoft pledges legal protection for AI-generated copyright breaches
US tech giant will assume customers’ liability for material created by AI assistants in Word and coding tools
Compromised Microsoft Key: More Impactful Than We Thought
Our investigation of the security incident disclosed by Microsoft and CISA and attributed to Chinese threat actor Storm-0558, found that this incident seems to have a broader scope than originally assumed. Organizations using Microsoft and Azure services should take steps to assess potential impact.
Chinese Microsoft hackers also hit GOP Rep. Don Bacon of Nebraska
Rep. Don Bacon tweeted Monday that he had been notified by the FBI that his emails had been hacked.
'DoubleDrive' attack turns Microsoft OneDrive into ransomware
Microsoft's OneDrive file-sharing program can be used as ransomware to encrypt most of the files on a target machine without possibility of recovery, partly because the program is inherently trusted by Windows and endpoint detection and response programs (EDRs). Presentation blackhat
Microsoft’s Role in Email Breach by Suspected Chinese Hackers Part of US Inquiry
A US cybersecurity advisory panel will investigate risks in cloud computing, including Microsoft Corp.’s role in a recent breach of government officials’ email accounts by suspected Chinese hackers, according to two people familiar with the matter. The Cyber Safety Review Board, which was created by the Biden administration to investigate major cybersecurity events, will focus on risks to cloud computing infrastructure broadly, including identity and authentication management, and will examine all relevant cloud service providers, according to a Department of Homeland Security official. The issue was brought into focus by the breach of Microsoft’s email systems, the official said. Both people asked not to be named so they could discuss sensitive information.
Midnight Blizzard conducts targeted social engineering over Microsoft Teams
Microsoft Threat Intelligence has identified highly targeted social engineering attacks using credential theft phishing lures sent as Microsoft Teams chats by the threat actor that Microsoft tracks as Midnight Blizzard (previously tracked as NOBELIUM).
Tenable CEO accuses Microsoft of negligence in addressing security flaw
Cybersecurity veteran Amit Yoran says Microsoft has a culture of toxic obfuscation when it comes to addressing security threats.
Russia-backed hackers used Microsoft Teams to breach government agencies | TechCrunch
Russian state-sponsored hackers posed as technical support staff on Microsoft Teams to compromise dozens of global organizations, including government agencies.
Cryptojacking: Understanding and defending against cloud compute resource abuse
Cloud cryptojacking, a type of cyberattack that uses computing power to mine cryptocurrency, could result in financial loss to targeted organizations due to the compute fees that can be incurred from the abuse.
Microsoft changes signing key system breached by Chinese hackers to steal US gov’t data
Microsoft has announced changes to a system that was exploited by Chinese hackers over the last month that allowed them to access email accounts and spy on the inner workings of two dozen organizations, including government agencies, a lawmaker’s staff and even Commerce Secretary Gina Raimondo.
Chinese hackers breached US government email accounts, Microsoft and White House say | CNN Politics
China-based hackers have breached email accounts at two-dozen organizations, including some United States government agencies, in an apparent spying campaign aimed at acquiring sensitive information, according to statements from Microsoft and the White House late Tuesday.