Microsoft

Easy-to-exploit Skype vulnerability reveals users’ IP address

consumer, deanonymization, Don't miss, Hot stuff, Microsoft, mobile apps, News, Privacy, Skype, vulnerability /

Easy-to-exploit Skype vulnerability reveals users’ IP address 29/08/2023 at 13:32 By Zeljka Zorz A vulnerability in Skype mobile apps can be exploited by attackers to discover a user’s IP address – a piece of information that may endanger individuals whose physical security depends on their general location remaining secret. The vulnerability The security vulnerability has […]

React to this headline:

Loading spinner

Easy-to-exploit Skype vulnerability reveals users’ IP address Read More »

Phishers use QR codes to target companies in various industries

Cofense, Don't miss, Hot stuff, Microsoft, News, phishing, QR codes /

Phishers use QR codes to target companies in various industries 17/08/2023 at 13:01 By Helga Labus A phishing campaign using QR codes has been detected targeting various industries, with the aim to acquire Microsoft credentials. “The most notable target, a major Energy company based in the US, saw about 29% of the over 1000 emails

React to this headline:

Loading spinner

Phishers use QR codes to target companies in various industries Read More »

Microsoft Discloses Codesys Flaws Allowing Shutdown of Industrial Operations, Spying

ICS, ICS/OT, Microsoft, vulnerability /

Microsoft Discloses Codesys Flaws Allowing Shutdown of Industrial Operations, Spying 11/08/2023 at 15:16 By Eduard Kovacs Over a dozen Codesys vulnerabilities discovered by Microsoft researchers can be exploited to shut down industrial processes or deploy backdoors. The post Microsoft Discloses Codesys Flaws Allowing Shutdown of Industrial Operations, Spying appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Microsoft Discloses Codesys Flaws Allowing Shutdown of Industrial Operations, Spying Read More »

Illumio for Azure Firewall allows users to protect different parts of their cloud environment

Illumio, Industry news, Microsoft /

Illumio for Azure Firewall allows users to protect different parts of their cloud environment 10/08/2023 at 15:32 By Industry News Illumio released Illumio for Microsoft Azure Firewall. Illumio for Azure Firewall visualizes and secures traffic between Azure resources and simplifies firewall rule management with zero trust segmentation. Illumio for Azure Firewall builds resilience to ransomware

React to this headline:

Loading spinner

Illumio for Azure Firewall allows users to protect different parts of their cloud environment Read More »

White House launches AI Cyber Challenge to make software more secure

Anthropic, Artificial Intelligence, Black Hat USA 2023, critical infrastructure, cybersecurity, darpa, DEF CON, Google, Government, Microsoft, News, OpenAI, OpenSSF, software, USA, vulnerability /

White House launches AI Cyber Challenge to make software more secure 10/08/2023 at 12:33 By Help Net Security The Biden-Harris Administration has launched a major two-year competition using AI to protect the United States’ most important software, such as code that helps run the internet and critical infrastructure. The AI Cyber Challenge (AIxCC) will challenge

React to this headline:

Loading spinner

White House launches AI Cyber Challenge to make software more secure Read More »

CISA Warns Organizations of Exploited Vulnerability Affecting .NET, Visual Studio 

.NET, CISA, Featured, Microsoft, Vulnerabilities, Zero-Day /

CISA Warns Organizations of Exploited Vulnerability Affecting .NET, Visual Studio  10/08/2023 at 12:33 By Eduard Kovacs CISA has added CVE-2023-38180, a zero-day vulnerability affecting .NET and Visual Studio, to its Known Exploited Vulnerabilities Catalog. The post CISA Warns Organizations of Exploited Vulnerability Affecting .NET, Visual Studio  appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

CISA Warns Organizations of Exploited Vulnerability Affecting .NET, Visual Studio  Read More »

Microsoft Paid Out $13 Million via Bug Bounty Programs for Fourth Consecutive Year

bug bounty program, Microsoft, Vulnerabilities /

Microsoft Paid Out $13 Million via Bug Bounty Programs for Fourth Consecutive Year 09/08/2023 at 17:03 By Eduard Kovacs For the fourth consecutive year, Microsoft has paid out more than $13 million through its bug bounty programs. The post Microsoft Paid Out $13 Million via Bug Bounty Programs for Fourth Consecutive Year appeared first on

React to this headline:

Loading spinner

Microsoft Paid Out $13 Million via Bug Bounty Programs for Fourth Consecutive Year Read More »

Kyndryl and Microsoft join forces to help customers explore the use of generative AI

Industry news, Kyndryl, Microsoft /

Kyndryl and Microsoft join forces to help customers explore the use of generative AI 09/08/2023 at 15:31 By Industry News Kyndryl and Microsoft announced a joint effort to enable the adoption of enterprise-grade generative AI solutions for businesses on The Microsoft Cloud. Leveraging the partnership’s Joint Innovation Centers, Kyndryl’s growing patent portfolio in data and

React to this headline:

Loading spinner

Kyndryl and Microsoft join forces to help customers explore the use of generative AI Read More »

Patch Tuesday: Microsoft (Finally) Patches Exploited Office Zero-Days

Cyberwarfare, Microsoft, Nation-State, patch, Patch Tuesday, Vulnerabilities /

Patch Tuesday: Microsoft (Finally) Patches Exploited Office Zero-Days 08/08/2023 at 23:17 By Ryan Naraine Patch Tuesday: A month after confirming active exploitation of Office code execution flaws, Microsoft has shipped patches for multiple affected products. The post Patch Tuesday: Microsoft (Finally) Patches Exploited Office Zero-Days appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Patch Tuesday: Microsoft (Finally) Patches Exploited Office Zero-Days Read More »

August 2023 Patch Tuesday: Microsoft fixes critical bugs in Teams, MSMQ

Automox, Don't miss, Hot stuff, Microsoft, Microsoft Exchange, Microsoft Teams, MS Office, News, Patch Tuesday, security update, Trend Micro /

August 2023 Patch Tuesday: Microsoft fixes critical bugs in Teams, MSMQ 08/08/2023 at 22:46 By Zeljka Zorz August 2023 Patch Tuesday is here; among the 76 CVE-numbered issues fixed by Microsoft this time around is a DoS vulnerability in .NET and Visual Studio (CVE-2023-38180) for which proof-of-exploit code exists. Other than the fact that a

React to this headline:

Loading spinner

August 2023 Patch Tuesday: Microsoft fixes critical bugs in Teams, MSMQ Read More »

Microsoft Criticized Over Handling of Critical Power Platform Vulnerability

Azure, Management & Strategy, Microsoft /

Microsoft Criticized Over Handling of Critical Power Platform Vulnerability 04/08/2023 at 17:03 By Eduard Kovacs A critical Microsoft Power Platform vulnerability exposed authentication data and other secrets, but the tech giant has been accused of handling it poorly. The post Microsoft Criticized Over Handling of Critical Power Platform Vulnerability appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Microsoft Criticized Over Handling of Critical Power Platform Vulnerability Read More »

August 2023 Patch Tuesday forecast: Software security improvements

Adobe, apple, CISA, Don't miss, Expert analysis, FIRST, Hot stuff, Ivanti, Microsoft, Mozilla, News, Patch Tuesday /

August 2023 Patch Tuesday forecast: Software security improvements 04/08/2023 at 12:17 By Help Net Security The continued onslaught of phishing attacks, ransomware deployment, and other exploitation is forcing the community to pay closer attention to early identification, as well as fast response, to vulnerabilities in their software. In July alone Microsoft addressed 84 CVEs in

React to this headline:

Loading spinner

August 2023 Patch Tuesday forecast: Software security improvements Read More »

Russian APT phished government employees via Microsoft Teams

APT, Don't miss, Government, government-backed attacks, Hot stuff, Microsoft, Microsoft Teams, News, phishing, social engineering /

Russian APT phished government employees via Microsoft Teams 03/08/2023 at 15:17 By Zeljka Zorz An APT group linked to Russia’s Foreign Intelligence Service has hit employees of several dozen global organizations with phishing attacks via Microsoft Teams, says Microsoft. A social engineering attack to bypass MFA protection “To facilitate their attack, the actor uses Microsoft

React to this headline:

Loading spinner

Russian APT phished government employees via Microsoft Teams Read More »

Microsoft Message Queuing Vulnerabilities Allow Remote Code Execution, DoS Attacks

Microsoft, MSMQ, Vulnerabilities /

Microsoft Message Queuing Vulnerabilities Allow Remote Code Execution, DoS Attacks 26/07/2023 at 17:34 By Ionut Arghire Fortinet has published details on a series of critical- and high-severity vulnerabilities in the Microsoft Message Queuing service. The post Microsoft Message Queuing Vulnerabilities Allow Remote Code Execution, DoS Attacks appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Microsoft Message Queuing Vulnerabilities Allow Remote Code Execution, DoS Attacks Read More »

Product showcase: Stellar Toolkit for Exchange – Restore Exchange Database

disaster recovery, Don't miss, Exchange, Hot stuff, Microsoft, Microsoft 365, Microsoft Exchange, News, Product showcase, software, Stellar /

Product showcase: Stellar Toolkit for Exchange – Restore Exchange Database 26/07/2023 at 07:02 By Help Net Security Time is of the essence when it comes to recovery after Exchange Server failure or database corruption, as organizations depend on emails for their day-to-day business communication. The more the delay in restoring services and recovering data, the

React to this headline:

Loading spinner

Product showcase: Stellar Toolkit for Exchange – Restore Exchange Database Read More »

Threat Actor Targeting Developers via Trojanized MS Visual Studio

Info stealer, Malware, Microsoft, Telegram, trojan, Visual Studio /

Threat Actor Targeting Developers via Trojanized MS Visual Studio 25/07/2023 at 18:06 By cybleinc CRIL examines a Trojanized Visual Studio installer that deploys a Cookie Stealer and utilizes Telegram for data exfiltration. The post Threat Actor Targeting Developers via Trojanized MS Visual Studio appeared first on Cyble. This article is an excerpt from Cyble View

React to this headline:

Loading spinner

Threat Actor Targeting Developers via Trojanized MS Visual Studio Read More »

Microsoft Cloud Hack Exposed More than Exchange, Outlook Emails

Azure, cloud security, email authentication, email security, Featured, Government, Microsoft, MSA key /

Microsoft Cloud Hack Exposed More than Exchange, Outlook Emails 21/07/2023 at 20:19 By Ryan Naraine Cloud security researcher warns that stolen Microsoft signing key was more powerful and not limited to Outlook.com and Exchange Online. The post Microsoft Cloud Hack Exposed More than Exchange, Outlook Emails appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Microsoft Cloud Hack Exposed More than Exchange, Outlook Emails Read More »

Fabricated Microsoft Crypto Wallet Phishing Site Spreads Infostealer

AntiVM, Chrome, Clipper, Clipper Malware, Crypto wallet, Cryptocurrency, cybercriminals, Electrum, GitHub, GravityRAT, IBAN, infostealer, Luca Stealer, Malware, Microsoft, Opera, phishing, phishing attack, Threat Actors, Threat Intelligence /

Fabricated Microsoft Crypto Wallet Phishing Site Spreads Infostealer 21/07/2023 at 19:19 By cybleinc Cyble Research and Intelligence Labs analyzes Threat Actors spreading Luca Stealer disguised as a beta version of Microsoft Crypto Wallet. The post Fabricated Microsoft Crypto Wallet Phishing Site Spreads Infostealer appeared first on Cyble. This article is an excerpt from Cyble View

React to this headline:

Loading spinner

Fabricated Microsoft Crypto Wallet Phishing Site Spreads Infostealer Read More »

Microsoft Exchange servers compromised by Turla APT

APT, backdoor, cyber espionage, data theft, Don't miss, Hot stuff, Microsoft, News, Ukraine /

Microsoft Exchange servers compromised by Turla APT 20/07/2023 at 15:17 By Helga Labus Turla has been targeting defense sector organizations in Ukraine and Eastern Europe with DeliveryCheck and Kazuar backdoors / infostealers and has been using compromised Microsoft Exchange servers to control them. Turla APT Turla (aka Secret Blizzard, Snake, UAC-0003) is a sophisticated and

React to this headline:

Loading spinner

Microsoft Exchange servers compromised by Turla APT Read More »

Thanks Storm-0558! Microsoft to expand default access to cloud logs

APT, CISA, cloud security, Don't miss, enterprise, Government, government-backed attacks, Hot stuff, logging, Microsoft, Microsoft 365, News /

Thanks Storm-0558! Microsoft to expand default access to cloud logs 20/07/2023 at 13:31 By Zeljka Zorz Starting in September 2023, more federal government and commercial Microsoft customers will have access to expanded cloud logging capabilities at no additional charge, Microsoft and the Cybersecurity and Infrastructure Security Agency (CISA) have announced on Wednesday. The announcements come

React to this headline:

Loading spinner

Thanks Storm-0558! Microsoft to expand default access to cloud logs Read More »

Scroll to Top