Microsoft

Microsoft Teams phishing: Enterprises targeted by ransomware access broker

Don't miss, Hot stuff, initial access broker, Microsoft, Microsoft Teams, News, phishing, Ransomware /

Microsoft Teams phishing: Enterprises targeted by ransomware access broker 13/09/2023 at 12:16 By Zeljka Zorz A threat actor known for providing ransomware gangs with initial access to enterprise systems has began phishing employees via Microsoft Teams. “For this activity, Storm-0324 most likely relies on a publicly available tool called TeamsPhisher,” Microsoft threat researchers noted. About […]

React to this headline:

Loading spinner

Microsoft Teams phishing: Enterprises targeted by ransomware access broker Read More »

Serial cybersecurity founders get back in the game

CEO, cybersecurity, Don't miss, Expert analysis, Expert corner, Honeywell, Hot stuff, Microsoft, News, opinion, Palo Alto Networks, Valence Security, YL Ventures /

Serial cybersecurity founders get back in the game 13/09/2023 at 07:32 By Help Net Security “I didn’t really have a choice,” says Ben Bernstein, the former CEO and co-founder of Twistlock (acquired by Palo Alto Networks in 2019) and the CEO and co-founder of a new cybersecurity startup that is still in stealth. “Building a

React to this headline:

Loading spinner

Serial cybersecurity founders get back in the game Read More »

Zero Day Summer: Microsoft Warns of Fresh New Software Exploits

Malware & Threats, Microsoft, Microsoft Office, Nation-State, Patch Tuesday, Vulnerabilities, Zero-Day /

Zero Day Summer: Microsoft Warns of Fresh New Software Exploits 12/09/2023 at 22:16 By Ryan Naraine Microsoft’s struggles with zero-day exploits rolled into a new month with a fresh Patch Tuesday warning about malware attacks in the wild. The post Zero Day Summer: Microsoft Warns of Fresh New Software Exploits appeared first on SecurityWeek. This

React to this headline:

Loading spinner

Zero Day Summer: Microsoft Warns of Fresh New Software Exploits Read More »

Microsoft, Adobe fix zero-days exploited by attackers (CVE-2023-26369, CVE-2023-36761, CVE-2023-36802)

Adobe, Automox, CVE, Don't miss, Hot stuff, Microsoft, Microsoft Exchange, News, patch, Patch Tuesday, security update, Tenable, Trend Micro /

Microsoft, Adobe fix zero-days exploited by attackers (CVE-2023-26369, CVE-2023-36761, CVE-2023-36802) 12/09/2023 at 22:01 By Zeljka Zorz September 2023 Patch Tuesday is here, with fixes for actively exploited vulnerabilities in Adobe Acrobat and Reader (CVE-2023-26369), Microsoft Word (CVE-2023-36761), and Microsoft Streaming Service Proxy (CVE-2023-36802). Microsoft vulnerabilities of note Microsoft has delivered fixes for 61 CVE-numbered flaws:

React to this headline:

Loading spinner

Microsoft, Adobe fix zero-days exploited by attackers (CVE-2023-26369, CVE-2023-36761, CVE-2023-36802) Read More »

September 2023 Patch Tuesday forecast: Important Federal government news

Adobe, apple, cybersecurity, Don't miss, Expert analysis, Expert corner, Firefox, Hot stuff, Ivanti, Microsoft, News, opinion, Patch Tuesday, predictions /

September 2023 Patch Tuesday forecast: Important Federal government news 08/09/2023 at 08:17 By Help Net Security Microsoft addressed 33 CVEs in Windows 10 and 11 last month after nearly 3x that number in July. But despite the lull in CVEs, they did provide new security updates for Microsoft Exchange Server, .NET Framework, and even SQL

React to this headline:

Loading spinner

September 2023 Patch Tuesday forecast: Important Federal government news Read More »

How Chinese hackers got their hands on Microsoft’s token signing key

cloud security, cyber espionage, data theft, Don't miss, enterprise, Europe, Government, Hot stuff, Microsoft, Microsoft 365, News, USA, Wiz /

How Chinese hackers got their hands on Microsoft’s token signing key 07/09/2023 at 17:00 By Zeljka Zorz The mystery of how Chinese hackers managed to steal a crucial signing key that allowed them to breach Microsoft 365’s email service and access accounts of employees of 25 government agencies has been explained: they found it somewhere

React to this headline:

Loading spinner

How Chinese hackers got their hands on Microsoft’s token signing key Read More »

Crash Dump Error: How a Chinese Espionage Group Exploited Microsoft’s Mistakes

APT, China, cloud security, Data Breaches, M365, Microsoft, Nation-State /

Crash Dump Error: How a Chinese Espionage Group Exploited Microsoft’s Mistakes 07/09/2023 at 00:03 By Ryan Naraine Microsoft reveals how a crash dump from 2021 inadvertently exposed a key that Chinese cyberspies later leveraged to hack US government emails. The post Crash Dump Error: How a Chinese Espionage Group Exploited Microsoft’s Mistakes appeared first on

React to this headline:

Loading spinner

Crash Dump Error: How a Chinese Espionage Group Exploited Microsoft’s Mistakes Read More »

Cybercriminals target MS SQL servers to deliver ransomware

brute-force, Don't miss, Hot stuff, Microsoft, MS SQL Server, News, Ransomware /

Cybercriminals target MS SQL servers to deliver ransomware 06/09/2023 at 16:02 By Helga Labus A cyberattack campaign is targeting exposed Microsoft SQL (MS SQL) databases, aiming to deliver ransomware and Cobalt Strike payloads. The attack campaign The attackers target exposed MS SQL servers by brute-forcing access credentials. After having successfully authenticated, they start enumerating the

React to this headline:

Loading spinner

Cybercriminals target MS SQL servers to deliver ransomware Read More »

OpenAI Turns to Security to Sell ChatGPT Enterprise

Artificial Intelligence, ChatGPT, Compliance, Google, LLMs, Microsoft, OpenAI, Privacy & Compliance /

OpenAI Turns to Security to Sell ChatGPT Enterprise 29/08/2023 at 21:03 By Ryan Naraine ChatGPT Enterprise is a corporate edition of ChatGPT that promises “enterprise-grade security” and a commitment not to use prompts and company data to train AI models. The post OpenAI Turns to Security to Sell ChatGPT Enterprise appeared first on SecurityWeek. This

React to this headline:

Loading spinner

OpenAI Turns to Security to Sell ChatGPT Enterprise Read More »

Did Microsoft Just Upend the Enterprise Browser Market?

Edge for Business, Enterprise Browser, Funding/M&A, Identity & Access, Microsoft, Risk Management, secure browsing /

Did Microsoft Just Upend the Enterprise Browser Market? 29/08/2023 at 17:36 By Ryan Naraine NEWS ANALYSIS: Redmond plants its feet firmly in the enterprise browser space, sending major ripples through Silicon Valley’s bustling venture-backed startup ecosystem. The post Did Microsoft Just Upend the Enterprise Browser Market? appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Did Microsoft Just Upend the Enterprise Browser Market? Read More »

Easy-to-exploit Skype vulnerability reveals users’ IP address

consumer, deanonymization, Don't miss, Hot stuff, Microsoft, mobile apps, News, Privacy, Skype, vulnerability /

Easy-to-exploit Skype vulnerability reveals users’ IP address 29/08/2023 at 13:32 By Zeljka Zorz A vulnerability in Skype mobile apps can be exploited by attackers to discover a user’s IP address – a piece of information that may endanger individuals whose physical security depends on their general location remaining secret. The vulnerability The security vulnerability has

React to this headline:

Loading spinner

Easy-to-exploit Skype vulnerability reveals users’ IP address Read More »

Phishers use QR codes to target companies in various industries

Cofense, Don't miss, Hot stuff, Microsoft, News, phishing, QR codes /

Phishers use QR codes to target companies in various industries 17/08/2023 at 13:01 By Helga Labus A phishing campaign using QR codes has been detected targeting various industries, with the aim to acquire Microsoft credentials. “The most notable target, a major Energy company based in the US, saw about 29% of the over 1000 emails

React to this headline:

Loading spinner

Phishers use QR codes to target companies in various industries Read More »

Microsoft Discloses Codesys Flaws Allowing Shutdown of Industrial Operations, Spying

ICS, ICS/OT, Microsoft, vulnerability /

Microsoft Discloses Codesys Flaws Allowing Shutdown of Industrial Operations, Spying 11/08/2023 at 15:16 By Eduard Kovacs Over a dozen Codesys vulnerabilities discovered by Microsoft researchers can be exploited to shut down industrial processes or deploy backdoors. The post Microsoft Discloses Codesys Flaws Allowing Shutdown of Industrial Operations, Spying appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Microsoft Discloses Codesys Flaws Allowing Shutdown of Industrial Operations, Spying Read More »

Illumio for Azure Firewall allows users to protect different parts of their cloud environment

Illumio, Industry news, Microsoft /

Illumio for Azure Firewall allows users to protect different parts of their cloud environment 10/08/2023 at 15:32 By Industry News Illumio released Illumio for Microsoft Azure Firewall. Illumio for Azure Firewall visualizes and secures traffic between Azure resources and simplifies firewall rule management with zero trust segmentation. Illumio for Azure Firewall builds resilience to ransomware

React to this headline:

Loading spinner

Illumio for Azure Firewall allows users to protect different parts of their cloud environment Read More »

White House launches AI Cyber Challenge to make software more secure

Anthropic, Artificial Intelligence, Black Hat USA 2023, critical infrastructure, cybersecurity, darpa, DEF CON, Google, Government, Microsoft, News, OpenAI, OpenSSF, software, USA, vulnerability /

White House launches AI Cyber Challenge to make software more secure 10/08/2023 at 12:33 By Help Net Security The Biden-Harris Administration has launched a major two-year competition using AI to protect the United States’ most important software, such as code that helps run the internet and critical infrastructure. The AI Cyber Challenge (AIxCC) will challenge

React to this headline:

Loading spinner

White House launches AI Cyber Challenge to make software more secure Read More »

CISA Warns Organizations of Exploited Vulnerability Affecting .NET, Visual Studio 

.NET, CISA, Featured, Microsoft, Vulnerabilities, Zero-Day /

CISA Warns Organizations of Exploited Vulnerability Affecting .NET, Visual Studio  10/08/2023 at 12:33 By Eduard Kovacs CISA has added CVE-2023-38180, a zero-day vulnerability affecting .NET and Visual Studio, to its Known Exploited Vulnerabilities Catalog. The post CISA Warns Organizations of Exploited Vulnerability Affecting .NET, Visual Studio  appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

CISA Warns Organizations of Exploited Vulnerability Affecting .NET, Visual Studio  Read More »

Microsoft Paid Out $13 Million via Bug Bounty Programs for Fourth Consecutive Year

bug bounty program, Microsoft, Vulnerabilities /

Microsoft Paid Out $13 Million via Bug Bounty Programs for Fourth Consecutive Year 09/08/2023 at 17:03 By Eduard Kovacs For the fourth consecutive year, Microsoft has paid out more than $13 million through its bug bounty programs. The post Microsoft Paid Out $13 Million via Bug Bounty Programs for Fourth Consecutive Year appeared first on

React to this headline:

Loading spinner

Microsoft Paid Out $13 Million via Bug Bounty Programs for Fourth Consecutive Year Read More »

Kyndryl and Microsoft join forces to help customers explore the use of generative AI

Industry news, Kyndryl, Microsoft /

Kyndryl and Microsoft join forces to help customers explore the use of generative AI 09/08/2023 at 15:31 By Industry News Kyndryl and Microsoft announced a joint effort to enable the adoption of enterprise-grade generative AI solutions for businesses on The Microsoft Cloud. Leveraging the partnership’s Joint Innovation Centers, Kyndryl’s growing patent portfolio in data and

React to this headline:

Loading spinner

Kyndryl and Microsoft join forces to help customers explore the use of generative AI Read More »

Patch Tuesday: Microsoft (Finally) Patches Exploited Office Zero-Days

Cyberwarfare, Microsoft, Nation-State, patch, Patch Tuesday, Vulnerabilities /

Patch Tuesday: Microsoft (Finally) Patches Exploited Office Zero-Days 08/08/2023 at 23:17 By Ryan Naraine Patch Tuesday: A month after confirming active exploitation of Office code execution flaws, Microsoft has shipped patches for multiple affected products. The post Patch Tuesday: Microsoft (Finally) Patches Exploited Office Zero-Days appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Patch Tuesday: Microsoft (Finally) Patches Exploited Office Zero-Days Read More »

August 2023 Patch Tuesday: Microsoft fixes critical bugs in Teams, MSMQ

Automox, Don't miss, Hot stuff, Microsoft, Microsoft Exchange, Microsoft Teams, MS Office, News, Patch Tuesday, security update, Trend Micro /

August 2023 Patch Tuesday: Microsoft fixes critical bugs in Teams, MSMQ 08/08/2023 at 22:46 By Zeljka Zorz August 2023 Patch Tuesday is here; among the 76 CVE-numbered issues fixed by Microsoft this time around is a DoS vulnerability in .NET and Visual Studio (CVE-2023-38180) for which proof-of-exploit code exists. Other than the fact that a

React to this headline:

Loading spinner

August 2023 Patch Tuesday: Microsoft fixes critical bugs in Teams, MSMQ Read More »

Scroll to Top