FBI says fraud on LinkedIn a 'significant threat' to platform and consumers
Fraudsters who target LinkedIn users in sophisticated investment schemes pose a "significant threat" to the platform, the FBI tells CNBC.
Lapsus$ hackers leak 37GB of Microsoft's alleged source code
The Lapsus$ hacking group claims to have leaked the source code for Bing, Cortana, and other projects stolen from Microsoft's internal Azure DevOps server.
Community Alert: Ongoing Malicious Campaign Impacting Azure Cloud Environments
Over the past weeks, Proofpoint researchers have been monitoring an ongoing cloud account takeover campaign impacting dozens of Microsoft Azure environments and compromising hundreds of user accoun...
DarkGate malware delivered via Microsoft Teams - detection and response
While most end users are well-acquainted with the dangers of traditional phishing attacks, such as those delivered via email or other media, a large proportion are likely unaware that Microsoft Teams chats could be a phishing vector. Most Teams activity is intra-organizational, but Microsoft enables External Access by default, which allows members of one organization to add users outside the organization to their Teams chats. Perhaps predictably, this feature has provided malicious actors a new avenue by which to exploit untrained or unaware users.
Midnight Blizzard: Guidance for responders on nation-state attack
The Microsoft security team detected a nation-state attack on our corporate systems on January 12, 2024, and immediately activated our response process to investigate, disrupt malicious activity, mitigate the attack, and deny the threat actor further access. The Microsoft Threat Intelligence investigation identified the threat actor as Midnight Blizzard, the Russian state-sponsored actor also known as NOBELIUM.
Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard
Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard
Microsoft network breached through password-spraying by Russian-state hackers
Senior execs' emails accessed in network breach that wasn't caught for 2 months.
Microsoft's Top Execs' Emails Breached in Sophisticated Russia-Linked APT Attack
Microsoft on Friday revealed that it was the target of a nation-state attack on its corporate systems that resulted in the theft of emails and attachments from senior executives and other individuals in the company's cybersecurity and legal departments. The Windows maker attributed the attack to a Russian advanced persistent threat (APT) group it tracks as Midnight Blizzard (formerly Nobelium), which is also known as APT29, BlueBravo, Cloaked Ursa, Cozy Bear, and The Dukes.
Act Now: CISA Flags Active Exploitation of Microsoft SharePoint Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security vulnerability impacting Microsoft SharePoint Server to its
Microsoft disables MSIX protocol handler abused in malware attacks
Microsoft has again disabled the MSIX ms-appinstaller protocol handler after multiple financially motivated threat groups abused it to infect Windows users with malware.
Ongoing phishing campaign can hack you even when you’re protected with MFA
Campaign that steals email has targeted at least 10,000 organizations since September.
Cybersecurity experts question Microsoft's Ukraine report
Leading cybersecurity experts and foreign policy scholars raise serious questions and concerns about Microsoft's report on the Ukraine war.
Microsoft finds Raspberry Robin worm in hundreds of Windows networks
Microsoft says that a recently spotted Windows worm has been found on the networks of hundreds of organizations from various industry sectors.
7-zip now supports Windows ‘Mark-of-the-Web’ security feature
7-zip has finally added support for the long-requested 'Mark-of-the-Web' Windows security feature, providing better protection from malicious downloaded files.
Defending Ukraine: Early Lessons from the Cyber War
This report represents research conducted by Microsoft’s threat intelligence and data science teams with the goal of sharpening our understanding of the threat landscape in the ongoing war in Ukraine. The report also offers a series of lessons and conclusions resulting from the data gathered and analyzed. Notably, the report reveals new information about Russian efforts including an increase in network penetration and espionage activities amongst allied governments, non-profits and other organizations outside Ukraine. This report also unveils detail about sophisticated and widespread Russian foreign influence operations being used among other things, to undermine Western unity and bolster their war efforts. We are seeing these foreign influence operations enacted in force in a coordinated fashion along with the full range of cyber destructive and espionage campaigns. Finally, the report calls for a coordinated and comprehensive strategy to strengthen collective defenses – a task that will require the private sector, public sector, nonprofits and civil society to come together. The foreword of this new report, written by Microsoft President and Vice Chair Brad Smith, offers additional detail below.
FBI says fraud on LinkedIn a 'significant threat' to platform and consumers
Fraudsters who target LinkedIn users in sophisticated investment schemes pose a "significant threat" to the platform, the FBI tells CNBC.
Lapsus$ hackers leak 37GB of Microsoft's alleged source code
The Lapsus$ hacking group claims to have leaked the source code for Bing, Cortana, and other projects stolen from Microsoft's internal Azure DevOps server.
Threat actors misuse OAuth applications to automate financially driven attacks
Microsoft Threat Intelligence presents cases of threat actors misusing OAuth applications as automation tools in financially motivated attacks.
Star Blizzard increases sophistication and evasion in ongoing attacks
Microsoft Threat Intelligence continues to track and disrupt malicious activity attributed to a Russian state-sponsored actor we track as Star Blizzard, who has improved their detection evasion capabilities since 2022 while remaining focused on email credential theft against targets.
Windows 10 gets three more years of security updates, if you can afford them | Ars Technica
Windows 10's end-of-support date is October 14, 2025. That's the day that most Windows 10 PCs will receive their last security update and the date when most people should find a way to move to Windows 11 to ensure that they stay secure. As it has done for other stubbornly popular versions of Windows, though, Microsoft is offering a reprieve for those who want or need to stay on Windows 10: three additional years of security updates, provided to those who can pay for the Extended Security Updates (ESU) program.
Diamond Sleet supply chain compromise distributes a modified CyberLink installer
Microsoft has uncovered a supply chain attack by the threat actor Diamond Sleet (ZINC) involving a malicious variant of an application developed by CyberLink Corp. This malicious file is a legitimate CyberLink application installer that has been modified to include malicious code that downloads, decrypts, and loads a second-stage payload. The file, which was signed using a valid certificate issued to CyberLink Corp., is hosted on legitimate update infrastructure owned by the organization.
Ongoing phishing campaign can hack you even when you’re protected with MFA
Campaign that steals email has targeted at least 10,000 organizations since September.
Cybersecurity experts question Microsoft's Ukraine report
Leading cybersecurity experts and foreign policy scholars raise serious questions and concerns about Microsoft's report on the Ukraine war.
Microsoft finds Raspberry Robin worm in hundreds of Windows networks
Microsoft says that a recently spotted Windows worm has been found on the networks of hundreds of organizations from various industry sectors.
7-zip now supports Windows ‘Mark-of-the-Web’ security feature
7-zip has finally added support for the long-requested 'Mark-of-the-Web' Windows security feature, providing better protection from malicious downloaded files.
Defending Ukraine: Early Lessons from the Cyber War
This report represents research conducted by Microsoft’s threat intelligence and data science teams with the goal of sharpening our understanding of the threat landscape in the ongoing war in Ukraine. The report also offers a series of lessons and conclusions resulting from the data gathered and analyzed. Notably, the report reveals new information about Russian efforts including an increase in network penetration and espionage activities amongst allied governments, non-profits and other organizations outside Ukraine. This report also unveils detail about sophisticated and widespread Russian foreign influence operations being used among other things, to undermine Western unity and bolster their war efforts. We are seeing these foreign influence operations enacted in force in a coordinated fashion along with the full range of cyber destructive and espionage campaigns. Finally, the report calls for a coordinated and comprehensive strategy to strengthen collective defenses – a task that will require the private sector, public sector, nonprofits and civil society to come together. The foreword of this new report, written by Microsoft President and Vice Chair Brad Smith, offers additional detail below.
FBI says fraud on LinkedIn a 'significant threat' to platform and consumers
Fraudsters who target LinkedIn users in sophisticated investment schemes pose a "significant threat" to the platform, the FBI tells CNBC.
Lapsus$ hackers leak 37GB of Microsoft's alleged source code
The Lapsus$ hacking group claims to have leaked the source code for Bing, Cortana, and other projects stolen from Microsoft's internal Azure DevOps server.
Microsoft Patch Tuesday November 2023
Today, Microsoft released patches for 64 different vulnerabilities in Microsoft products, 14 vulnerabilities in Chromium affecting Microsoft Edge, and five vulnerabilities affecting Microsoft's Linux distribution, Mariner. Three of these vulnerabilities are already being exploited, and three have been made public before the release of the patches.
Détournement de Microsoft et Cloudflare au cours d’une nouvelle attaque de QRishing
Une récente attaque de QRishing a été détectée par Vade. Découvrez l’attaque en détail et les mesures à prendre pour protéger votre entreprise.