Microsoft

Microsoft begins broadening free cloud logging capabilities

CISA, cloud security, Don't miss, Government, Hot stuff, logging, Microsoft, News, USA /

Microsoft begins broadening free cloud logging capabilities 2024-02-22 at 14:47 By Helga Labus After select US federal agencies tested Microsoft’s expanded cloud logging capabilities for six months, Microsoft is now making them available to all agencies using Microsoft Purview Audit – regardless of license tier. “This change will impact government departments & agencies who do […]

React to this headline:

Loading spinner

Microsoft begins broadening free cloud logging capabilities Read More »

Microsoft Catches APTs Using ChatGPT for Vuln Research, Malware Scripting

Artificial Intelligence, ChatGPT, LLMs, Malware & Threats, Microsoft, OpenAI /

Microsoft Catches APTs Using ChatGPT for Vuln Research, Malware Scripting 2024-02-14 at 22:02 By Ryan Naraine Microsoft threat hunters say foreign APTs are interacting with OpenAI’s ChatGPT to automate malicious vulnerability research, target reconnaissance and malware creation tasks. The post Microsoft Catches APTs Using ChatGPT for Vuln Research, Malware Scripting appeared first on SecurityWeek. This

React to this headline:

Loading spinner

Microsoft Catches APTs Using ChatGPT for Vuln Research, Malware Scripting Read More »

How are state-sponsored threat actors leveraging AI?

APT, Artificial Intelligence, Don't miss, generative AI, government-backed attacks, Hot stuff, LLMs, Microsoft, News, OpenAI, threats /

How are state-sponsored threat actors leveraging AI? 2024-02-14 at 18:31 By Helga Labus Microsoft and OpenAI have identified attempts by various state-affiliated threat actors to use large language models (LLMs) to enhance their cyber operations. Threat actors use LLMs for various tasks Just as defenders do, threat actors are leveraging AI (more specifically: LLMs) to

React to this headline:

Loading spinner

How are state-sponsored threat actors leveraging AI? Read More »

Microsoft patches two zero-days exploited by attackers (CVE-2024-21412, CVE-2024-21351)

0-day, APT, Don't miss, Hot stuff, Microsoft, Microsoft Exchange, MS Office, News, Tenable, Trend Micro, vulnerability /

Microsoft patches two zero-days exploited by attackers (CVE-2024-21412, CVE-2024-21351) 2024-02-13 at 22:01 By Zeljka Zorz On February 2024 Patch Tuesday, Microsoft has delivered fixes for 72 CVE-numbered vulnerabilities, including two zero-days (CVE-2024-21412, CVE-2024-21351) that are being leveraged by attackers in the wild. About CVE-2024-21412 and CVE-2024-21351 CVE-2024-21412 allows attackers to bypass the Microsoft Defender SmartScreen

React to this headline:

Loading spinner

Microsoft patches two zero-days exploited by attackers (CVE-2024-21412, CVE-2024-21351) Read More »

February 2024 Patch Tuesday forecast: Zero days are back and a new server too

ACROS Security, Adobe Acrobat, apple, Chrome, cybersecurity, Don't miss, Expert analysis, Expert corner, Firefox, Google, Hot stuff, Ivanti, Microsoft, Mozilla, News, patch, Patch Tuesday, security update /

February 2024 Patch Tuesday forecast: Zero days are back and a new server too 2024-02-09 at 08:32 By Mirko Zorz January 2024 Patch Tuesday is behind us. A relatively light release from Microsoft with 39 CVEs addressed in Windows 10, 35 in Windows 11, and surprisingly no zero-day vulnerabilities from Microsoft to start the new

React to this headline:

Loading spinner

February 2024 Patch Tuesday forecast: Zero days are back and a new server too Read More »

Russian hackers breached Microsoft, HPE corporate maliboxes

APT, cyber espionage, data breach, Don't miss, Hot stuff, HPE, Microsoft, News /

Russian hackers breached Microsoft, HPE corporate maliboxes 2024-01-25 at 15:31 By Helga Labus Cozy Bear (aka Midnight Blizzard, aka APT29) has been busy hacking and spying on big tech companies: both Microsoft and Hewlett Packard Enterprise (HPE) have recently disclosed successful attack campaigns by the Russia-affiliated APT group. The Microsoft breach Last Friday, Microsoft revealed

React to this headline:

Loading spinner

Russian hackers breached Microsoft, HPE corporate maliboxes Read More »

Microsoft Says Russian Gov Hackers Stole Email Data from Senior Execs

APT29, Data Breaches, Featured, Microsoft, Nation-State, Nobelium, Russia /

Microsoft Says Russian Gov Hackers Stole Email Data from Senior Execs 2024-01-20 at 01:17 By Ryan Naraine A Russian government-backed hacking team broke into Microsoft’s corporate network and stole emails and attachments from senior executives. The post Microsoft Says Russian Gov Hackers Stole Email Data from Senior Execs appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Microsoft Says Russian Gov Hackers Stole Email Data from Senior Execs Read More »

Microsoft: Iranian APT Impersonating Prominent Journalist in Clever Spear-Phishing Attacks

Iran, Malware & Threats, Microsoft, Mint Sandstorm, Nation-State /

Microsoft: Iranian APT Impersonating Prominent Journalist in Clever Spear-Phishing Attacks 2024-01-17 at 20:31 By Ryan Naraine Microsoft says an APT with links to Iran’s military intelligence is impersonating a prominent journalist in clever spear-phishing attacks. The post Microsoft: Iranian APT Impersonating Prominent Journalist in Clever Spear-Phishing Attacks appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Microsoft: Iranian APT Impersonating Prominent Journalist in Clever Spear-Phishing Attacks Read More »

Remotely Exploitable ‘PixieFail’ Flaws Found in Tianocore EDK II PXE Implementation

Microsoft, Network Security, Pixiefail, Quarkslab, Supply Chain Security, Tianocore, UEFI, Vulnerabilities /

Remotely Exploitable ‘PixieFail’ Flaws Found in Tianocore EDK II PXE Implementation 2024-01-16 at 16:16 By Ryan Naraine Quarkslab finds serious, remotely exploitable vulnerabilities in EDK II, the de-facto open source reference implementation of the UEFI spec. The post Remotely Exploitable ‘PixieFail’ Flaws Found in Tianocore EDK II PXE Implementation appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Remotely Exploitable ‘PixieFail’ Flaws Found in Tianocore EDK II PXE Implementation Read More »

Microsoft Lets Cloud Users Keep Personal Data Within Europe to Ease Privacy Fears

Microsoft, Uncategorized /

Microsoft Lets Cloud Users Keep Personal Data Within Europe to Ease Privacy Fears 2024-01-11 at 19:47 By Associated Press Microsoft said that it is upgrading its cloud computing service to let customers store all personal data within the European Union. The post Microsoft Lets Cloud Users Keep Personal Data Within Europe to Ease Privacy Fears

React to this headline:

Loading spinner

Microsoft Lets Cloud Users Keep Personal Data Within Europe to Ease Privacy Fears Read More »

Microsoft fixes critical flaws in Windows Kerberos, Hyper-V (CVE-2024-20674, CVE-2024-20700)

Don't miss, Hot stuff, Microsoft, MS Office, News, Patch Tuesday, security update, SharePoint, Tenable, Trend Micro /

Microsoft fixes critical flaws in Windows Kerberos, Hyper-V (CVE-2024-20674, CVE-2024-20700) 2024-01-09 at 22:02 By Zeljka Zorz For January 2024 Patch Tuesday, Microsoft has released fixes for 49 CVE-numbered vulnerabilities, two of which are critical: CVE-2024-20674 and CVE-2024-20700. None of the vulnerabilities fixed this time aroundare under active exploitation or have been previously publicly disclosed. The

React to this headline:

Loading spinner

Microsoft fixes critical flaws in Windows Kerberos, Hyper-V (CVE-2024-20674, CVE-2024-20700) Read More »

Microsoft Ships Urgent Fixes for Critical Flaws in Windows Kerberos, Hyper-V

Hyper-V, Kerberos, Microsoft, Network Security, Patch Tuesday, Vulnerabilities /

Microsoft Ships Urgent Fixes for Critical Flaws in Windows Kerberos, Hyper-V 2024-01-09 at 21:02 By Ryan Naraine Patch Tuesday: Redmond patches critical, remote code execution vulnerabilities haunting Windows Kerberos and Windows Hyper-V. The post Microsoft Ships Urgent Fixes for Critical Flaws in Windows Kerberos, Hyper-V appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Microsoft Ships Urgent Fixes for Critical Flaws in Windows Kerberos, Hyper-V Read More »

January 2024 Patch Tuesday forecast: A Focus on Printing

Adobe, apple, cybersecurity, Don't miss, Expert analysis, Expert corner, Google, Hot stuff, Ivanti, Microsoft, Mozilla, News, opinion, Patch Tuesday, predictions /

January 2024 Patch Tuesday forecast: A Focus on Printing 2024-01-05 at 08:16 By Help Net Security Happy 2024 Everyone! I hope everyone is looking forward to another exciting year in the ever-changing world of IT operations and software security. This article aims to provide a quick summary of some of the latest trends, announcements, and

React to this headline:

Loading spinner

January 2024 Patch Tuesday forecast: A Focus on Printing Read More »

Cisco to Acquire Isovalent, Add eBPF Tech to Cloud Portfolio

a16z, Cisco, cloud security, eBPF, Funding/M&A, Isovalent, Microsoft /

Cisco to Acquire Isovalent, Add eBPF Tech to Cloud Portfolio 21/12/2023 at 23:32 By Ryan Naraine Isovalent raised about 70 million in funding from prominent investors including Microsoft’s venture fund, Google, and Andreessen Horowitz. The post Cisco to Acquire Isovalent, Add eBPF Tech to Cloud Portfolio appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Cisco to Acquire Isovalent, Add eBPF Tech to Cloud Portfolio Read More »

Outlook Plays Attacker Tunes: Vulnerability Chain Leading to Zero-Click RCE

Akamai, Malware & Threats, Microsoft, Microsoft Outlook, Vulnerabilities, Zero-Day /

Outlook Plays Attacker Tunes: Vulnerability Chain Leading to Zero-Click RCE 19/12/2023 at 23:55 By Ionut Arghire Akamai researchers document more vulnerabilities and patch bypasses leading to zero-click remote code execution in Microsoft Outlook. The post Outlook Plays Attacker Tunes: Vulnerability Chain Leading to Zero-Click RCE appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Outlook Plays Attacker Tunes: Vulnerability Chain Leading to Zero-Click RCE Read More »

Microsoft is working on a more secure print system for Windows

Don't miss, drivers, Hot stuff, Microsoft, News, software protection, Windows /

Microsoft is working on a more secure print system for Windows 18/12/2023 at 17:01 By Helga Labus After announcing a gradual elimination of third-party printer drivers on Windows earlier this year, Microsoft has now unveiled its plan for enhancing security by introducting Windows Protected Print Mode (WPP). The problem with the current Windows print system

React to this headline:

Loading spinner

Microsoft is working on a more secure print system for Windows Read More »

Qakbot returns in fresh assault on hospitality sector

botnet, Don't miss, hospitality industry, Hot stuff, Malware, Microsoft, News, phishing /

Qakbot returns in fresh assault on hospitality sector 18/12/2023 at 15:47 By Helga Labus The Qakbot botnet has been disrupted this summer, but cybercriminals are not ready to give up on the malware: Microsoft’s threat analysts have spotted a new phishing campaign attempting to deliver it to targets in the hospitality industry. Qakbot and its

React to this headline:

Loading spinner

Qakbot returns in fresh assault on hospitality sector Read More »

Microsoft Disrupts Cybercrime Service That Created 750 Million Fraudulent Accounts

cybercrime, Microsoft, takedown /

Microsoft Disrupts Cybercrime Service That Created 750 Million Fraudulent Accounts 14/12/2023 at 14:35 By Ionut Arghire Microsoft disrupts Storm-1152, a cybercrime-as-a-service business facilitating phishing, identity theft, and DDoS attacks. The post Microsoft Disrupts Cybercrime Service That Created 750 Million Fraudulent Accounts appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

Microsoft Disrupts Cybercrime Service That Created 750 Million Fraudulent Accounts Read More »

Cybercrime operation that sold millions of fraudulent Microsoft accounts disrupted

Arkose Labs, cybercrime, cybercriminals, cybersecurity, Don't miss, law enforcement, Microsoft, News /

Cybercrime operation that sold millions of fraudulent Microsoft accounts disrupted 14/12/2023 at 12:19 By Help Net Security Microsoft disrupted an alleged threat actor group that built viable cybercrime-as-a-service (CaaS) businesses. Dubbed Storm-1152 by Microsoft, the group bilked enterprises and consumers globally out of millions of dollars. Images of Storm-1152’s illicit websites. Source: Microsoft Cybercrime-as-a-service is

React to this headline:

Loading spinner

Cybercrime operation that sold millions of fraudulent Microsoft accounts disrupted Read More »

Microsoft ICSpector: A leap forward in industrial PLC metadata analysis

GitHub, Microsoft, News, open source, software /

Microsoft ICSpector: A leap forward in industrial PLC metadata analysis 14/12/2023 at 07:33 By Help Net Security Microsoft ICSpector is an open-source forensics framework that enables the analysis of industrial PLC metadata and project files. Architecture The framework provides investigators with a convenient way to scan for PLCs and identify any suspicious artifacts within ICS

React to this headline:

Loading spinner

Microsoft ICSpector: A leap forward in industrial PLC metadata analysis Read More »

Scroll to Top