Tag: microsoft
-
Strela Stealer Malware Targets Microsoft Outlook Users for Credential Theft
in SecurityNews
The cybersecurity landscape has recently been impacted by the emergence of the Strela Stealer malware, a sophisticated infostealer designed to target specific email clients, notably Microsoft Outlook and Mozilla Thunderbird. This malware has been active since late 2022 and has been primarily used in large-scale phishing campaigns targeting users in several European countries, including Spain,…
-
North Korean Moonstone Sleet Uses Creative Tactics to Deploy Custom Ransomware
in SecurityNews
In a recent development, Microsoft has identified a new North Korean threat actor known as Moonstone Sleet, which has been employing a combination of traditional and innovative tactics to achieve its financial and cyberespionage objectives. Moonstone Sleet, formerly tracked as Storm-1789, has demonstrated a sophisticated approach by using fake companies, trojanized software, and even a…
-
Microsoft Warns: 1 Million Devices Infected by Malware from GitHub
In a recent alert, Microsoft revealed a large-scale malvertising campaign that has compromised nearly one million devices worldwide. This campaign, which began in early December 2024, leverages malicious redirects from illegal streaming websites to deliver malware hosted on platforms like GitHub. The attack is notable for its indiscriminate targeting, affecting both consumer and enterprise devices…
-
Microsoft Warns of Malvertising Campaign Infecting Over 1 Million Devices Worldwide
in SecurityNews
Microsoft has disclosed details of a large-scale malvertising campaign that’s estimated to have impacted over one million devices globally as part of what it said is an opportunistic attack designed to steal sensitive information. The tech giant, which detected the activity in early December 2024, is tracking it under the broader umbrella Storm-0408, a moniker used…
-
Microsoft Dismantles Malvertising Scam Using GitHub, Discord, Dropbox
in SecurityNews
Microsoft Threat Intelligence exposes a malvertising campaign exploiting GitHub, Discord, and Dropbox. Discover the multi-stage attack chain, the… First seen on hackread.com Jump to article: hackread.com/microsoft-dismantle-malvertising-github-discord-dropbox/
-
Microsoft Says One Million Devices Impacted by Infostealer Campaign
in SecurityNews
Microsoft has uncovered a malvertising campaign that redirected users to information stealers hosted on GitHub. The post Microsoft Says One Million Devices Impacted by Infostealer Campaign appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/microsoft-says-one-million-devices-impacted-by-infostealer-campaign/
-
North Korean hackers join Qilin ransomware gang
in SecurityNews
Microsoft says a North Korean hacking group tracked as Moonstone Sleet has deployed Qilin ransomware payloads in a limited number of attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/microsoft-north-korean-hackers-now-deploying-qilin-ransomware/
-
Microsoft Introduces 365 E5 Security Add-On for Business Premium Customers
Microsoft has launched Microsoft 365 E5 Security as an add-on to its Business Premium suite, providing small and medium-sized businesses (SMBs) with advanced tools to combat escalating cyber threats. The offering integrates enterprise-grade security features at a 57% cost savings compared to standalone purchases, addressing evolving regulatory and cyber insurance demands. Enhanced Identity Protection and…
-
Zero-Day Attacks Stolen Keys: Silk Typhoon Breaches Networks
in SecurityNews
Microsoft Threat Intelligence has uncovered a strategic shift in the tactics of Silk Typhoon, a Chinese state-backed cyber-espionage First seen on securityonline.info Jump to article: securityonline.info/zero-day-attacks-stolen-keys-silk-typhoon-breaches-networks/
-
How to Install Librewolf
in SecurityNews
When configured properly, Mozilla Firefox offers great privacy and security. However, achieving a higher level of privacy and security in Mozilla Firefox requires many tweaks across all levels. Some users may not be too comfortable with this and may prefer an out-of-the-box solution that isn’t Chromium dependent. Enter Librewolf – which aims to be user…
-
Skype for Business: Microsoft to shut down messenger service on May 5, 2025
in SecurityNews
First seen on datensicherheit.de Jump to article: www.datensicherheit.de/skype-business-microsoft-abschaltung-messenger-dienst-5-mai-2025
-
UK CMA Halts Review of Microsoft, OpenAI Partnership
in SecurityNews
Probe into Microsoft’s $13 Billion OpenAI Investment Launched in 2023. The U.K. antitrust regulator won’t open an investigation into a partnership between computing giant Microsoft and artificial intelligence company OpenAI. U.K. Competition Market Authority concludes that there is no relevant merger situation. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/uk-cma-halts-review-microsoft-openai-partnership-a-27666
-
Chinese APT Silk Typhoon exploits IT supply chain weaknesses for initial access
in SecurityNews
Tags: access, apt, attack, authentication, china, citrix, cloud, control, corporate, credentials, data, detection, email, exploit, firewall, github, government, group, hacker, identity, Internet, ivanti, least-privilege, microsoft, network, password, service, software, supply-chain, threat, update, vpn, vulnerability, zero-day
Two-way lateral movement: Aside from abusing cloud assets and third-party services and software providers to gain access to local networks, the Silk Typhoon attackers are also proficient in jumping from on-premise environments into cloud environments. The group’s hackers regularly target Microsoft AADConnect (now Entra Connect) servers which are used to synchronize on-premise Active Directory deployments…
-
Microsoft says malvertising campaign impacted 1 million PCs
in SecurityNews
Microsoft has taken down an undisclosed number of GitHub repositories used in a massive malvertising campaign that impacted almost one million devices worldwide. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/microsoft-says-malvertising-campaign-impacted-1-million-pcs/
-
Critical VMware ESXi, Workstation, Fusion Vulnerabilities Seen Exploited in Wild
in SecurityNews
Summary: On March 4th, Microsoft’s Threat Intelligence Center (MSTIC) uncovered three critical vulnerabilities in VMware products that are being actively exploited in the wild. Affected First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2025/03/06/critical-vmware-esxi-workstation-fusion-vulnerabilities-seen-exploited-in-wild/
-
Microsoft reveals Silk Typhoon supply chain attack
in SecurityNews
First seen on scworld.com Jump to article: www.scworld.com/news/microsoft-reveals-silk-typhoons-recent-supply-chain-targeting
-
Decrypting the Forest From the Trees
in SecurityNews
Tags: api, computer, container, control, credentials, data, endpoint, least-privilege, microsoft, network, password, powershell, service, update
TL;DR: SCCM forest discovery accounts can be decrypted including accounts used for managing untrusted forests. If the site server is a managed client, service account credentials can be decrypted via the Administration Service API. Introduction: While Duane Michael, Chris Thompson, and I were originally working on the Misconfiguration Manager project, one of the tasks I took…
-
Microsoft Warns of Silk Typhoon Hackers Exploiting Cloud Services to Attack IT Supply Chain
in SecurityNews
Microsoft Threat Intelligence has identified a significant shift in tactics by Silk Typhoon, a Chinese espionage group, now targeting common IT solutions such as remote management tools and cloud applications for initial access. This well-resourced and technically proficient threat actor has demonstrated a large targeting footprint among Chinese threat actors, exploiting vulnerabilities in edge devices…
-
Microsoft 365 apps will prompt users to back up files in OneDrive
in SecurityNews
Starting mid-March 2025, Microsoft will start prompting users of its Microsoft 365 apps for Windows to back up their files to OneDrive. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-365-apps-will-prompt-users-to-back-up-files-in-onedrive/
-
Fueling the Fight Against Identity Attacks
in SecurityNews
Tags: access, attack, business, cisco, cloud, conference, corporate, cyber, cybersecurity, exploit, identity, microsoft, open-source, penetration-testing, risk, service, software, technology, threat, tool, update
When we founded SpecterOps, one of our core principles was to build a company which brought unique insight into high-capability adversary tradecraft, constantly innovating in research and tooling. We aspired to set the cadence of the cyber security industry through a commitment to benefit our entire security community. Today, I am thrilled to announce that…
-
Rural hospitals in US need to invest at least $70 million in cybersecurity, Microsoft finds
in SecurityNews
A survey of hundreds of rural facilities found nearly two-thirds struggle to implement basic email security, multifactor authentication and network segmentation. First seen on therecord.media Jump to article: therecord.media/rural-hospitals-need-millions-cyber
-
Chinese Silk Typhoon Group Targets IT Tools for Network Breaches
in SecurityNews
Microsoft warns that Chinese espionage group Silk Typhoon now exploits IT tools like remote management apps and cloud services to breach networks. First seen on hackread.com Jump to article: hackread.com/chinese-silk-typhoon-group-it-tools-network-breaches/
-
Silk Typhoon hackers now target IT supply chains to breach networks
in SecurityNews
Microsoft warns that Chinese cyber-espionage threat group ‘Silk Typhoon’ has shifted its tactics, now targeting remote management tools and cloud services in supply chain attacks that give them access to downstream customers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/silk-typhoon-hackers-now-target-it-supply-chains-to-breach-networks/
-
China-Linked Silk Typhoon Expands Cyber Attacks to IT Supply Chains for Initial Access
in SecurityNews
Tags: access, attack, china, corporate, cyber, exploit, flaw, hacking, intelligence, microsoft, supply-chain, tactics, technology, threat, zero-day
The China-linked threat actor behind the zero-day exploitation of security flaws in Microsoft Exchange servers in January 2021 has shifted its tactics to target the information technology (IT) supply chain as a means to obtain initial access to corporate networks. That’s according to new findings from the Microsoft Threat Intelligence team, which said the Silk Typhoon…
-
CVE-2025-22224, CVE-2025-22225, CVE-2025-22226: Zero-Day Vulnerabilities in VMware ESXi, Workstation and Fusion Exploited
in SecurityNews
Tags: advisory, attack, cloud, cve, exploit, flaw, infrastructure, intelligence, leak, microsoft, threat, update, vmware, vulnerability, zero-day
Broadcom published an advisory for three flaws in several VMware products that were exploited in the wild as zero-days. Organizations are advised to apply the available patches. Background: On March 4, Broadcom published an advisory (VMSA-2025-0004) for three zero-day vulnerabilities across multiple VMware products: CVE Description CVSSv3 CVE-2025-22224 VMware ESXi and Workstation Heap-Overflow Vulnerability 9.3…
-
Microsoft pushes a lot of products on users, but here’s one cybersecurity can embrace
in SecurityNews
Tags: access, attack, authentication, best-practice, business, cisa, cloud, cybersecurity, data-breach, defense, governance, government, identity, mfa, microsoft, monitoring, password, phishing, service, siem
Entra monitors for suspicious activity: Entra monitors for activities that are more than likely being carried out by attackers. So, for example, the following actions are monitored: Users with leaked credentials. Sign-ins from anonymous IP addresses. Impossible travel to atypical locations. Sign-ins from infected devices. Sign-ins from IP addresses with suspicious activity. Sign-ins from unfamiliar locations. You can set a threshold for…
-
Windows KDC Proxy RCE Vulnerability Allows Remote Server Takeover
in SecurityNews
Tags: authentication, control, cvss, cyber, flaw, microsoft, rce, remote-code-execution, vulnerability, windows
A recently patched remote code execution (RCE) vulnerability in Microsoft Windows’ Key Distribution Center (KDC) Proxy implementation allows unauthenticated attackers to take control of vulnerable servers through manipulated Kerberos authentication traffic. Designated CVE-2024-43639 and rated 9.8 CVSS, this critical flaw stems from improper validation of message lengths during ASN.1 encoding operation, enabling memory corruption attacks. The vulnerability…
-
Microsoft responds to Trump’s FCPA directive
in SecurityNews
US President Donald Trump’s orders are making Microsoft nervous about its European cloud business. The company has now responded with an “Ethical Business Commitment” for its customers. Here is a brief overview. Cracks in the EU-US data transfer agreement: The exchange of personal data with … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/03/05/microsoft-reagiert-auf-trumps-anweisung-zum-tpf/
-
Enhancing security with Microsoft’s expanded cloud logs
in SecurityNews
Nation-state-sponsored hacking stories are a big part of everyone’s favourite Hollywood movies, that is, until it becomes a real-life story of our own compromised personal or corporate sensitive data ending up on the dark web or in hackers’ hands. In real life, cyber espionage groups’ activities trigger stringent security enforcement. First in the government sector,…