Tag: microsoft
-
European companies hit with effective DocuSign-themed phishing emails
in SecurityNews
A threat actor looking to take over the Microsoft Azure cloud infrastructure of European companies has successfully compromised accounts of multiple victims in different …
First seen on helpnetsecurity.com. Jump to article: www.helpnetsecurity.com/2024/12/18/european-companies-docusign-themed-phishing-owa-microsoft-azure/
-
CISA Releases Secure Practices for Microsoft 365 Cloud Services
in SecurityNews
The Cybersecurity and Infrastructure Security Agency (CISA) has issued Binding Operational Directive (BOD) 25-01: Implementing Secure Practices for Cloud Services, to enhance the cybersecurity posture of Federal Civilian Executive Branch (FCEB) agencies utilizing cloud services, including Microsoft 365. This directive, unveiled on December 17, 2024, introduces a set of Secure Configuration Baselines and assessment tools…
-
CISA orders federal agencies to secure Microsoft cloud systems after ‘recent’ intrusions
in SecurityNews
The Cybersecurity and Infrastructure Security Agency (CISA) issued a binding directive on Tuesday giving federal agencies a series of deadlines to identify cloud systems, implement assessment tools and abide by the agency’s Secure Cloud Business Applications (SCuBA) secure configuration baselines.
First seen on therecord.media. Jump to article: therecord.media/cisa-orders-federal-agencies-to-secure-microsoft-cloud-systems
-
CISA orders federal agencies to secure Microsoft 365 tenants
in SecurityNews
CISA has issued this year’s first binding operational directive (BOD 25-01), ordering federal civilian agencies to secure their Microsoft 365 cloud environments by implementing a list of required configuration baselines.
First seen on bleepingcomputer.com. Jump to article: www.bleepingcomputer.com/news/security/cisa-orders-federal-agencies-to-secure-microsoft-365-tenants/
-
Hackers Use Microsoft MSC Files to Deploy Obfuscated Backdoor in Pakistan Attacks
A new phishing campaign has been observed employing tax-themed lures to deliver a stealthy backdoor payload as part of attacks targeting Pakistan. Cybersecurity company Securonix, which is tracking the activity under the name FLUX#CONSOLE, said it likely starts with a phishing email link or attachment, although it said it couldn’t obtain the original email used to…
-
Does Desktop AI Come With a Side of Risk?
in SecurityNews
Artificial intelligence capabilities are coming to a desktop near you, with Microsoft 365 Copilot, Google Gemini with Project Jarvis, and Apple Intelligence all arriving (or having arrived). But what are the risks?
First seen on darkreading.com. Jump to article: www.darkreading.com/application-security/does-desktop-ai-risk
-
Cyber Criminals Exploit Windows Management Console to Deliver Backdoor Payloads
A recent campaign dubbed FLUX#CONSOLE has come to light, leveraging Microsoft Common Console Document (.MSC) files to infiltrate systems with backdoor malware. The campaign showcases the growing sophistication of phishing techniques and the exploitation of lesser-known Windows features.
The FLUX#CONSOLE Campaign
The FLUX#CONSOLE campaign has been identified as a multi-stage attack with sinister objectives. By using MSC files, threat actors…
-
U.S. CISA adds Microsoft Windows Kernel-Mode Driver and Adobe ColdFusion flaws to its Known Exploited Vulnerabilities catalog
in SecurityNews
Tags: access, adobe, cisa, control, cybersecurity, exploit, flaw, infrastructure, kev, microsoft, vulnerability, windows
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Windows Kernel-Mode Driver and Adobe ColdFusion flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the Microsoft Windows Kernel-Mode Driver Untrusted Pointer Dereference (CVE-2024-35250) and Adobe ColdFusion Improper Access Control (CVE-2024-20767) vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The…
-
Detection Engineer’s Guide to Powershell Remoting
in SecurityNews
Tags: access, attack, automation, computer, control, credentials, crowdstrike, cyberattack, data, detection, edr, endpoint, exploit, firewall, guide, hacker, malicious, microsoft, mitre, monitoring, network, penetration-testing, powershell, risk, service, siem, threat, tool, update, windows
Powershell Remoting is a powerful feature in Windows that enables IT administrators to remotely execute commands, manage configurations, and automate tasks across multiple systems in a network. Utilizing Windows Remote Management (WinRM), it facilitates efficient management by allowing centralized control over endpoints, making it an essential tool for system administrators to streamline operations and maintain…
-
Voice Phishing on Microsoft Teams Facilitates DarkGate Malware Attack
in SecurityNews
Trend Micro has revealed a new vector for cyberattacks: voice phishing (vishing) conducted via Microsoft Teams. This tactic was recently employed to distribute DarkGate malware, a sophisticated threat capable of...
First seen on securityonline.info. Jump to article: securityonline.info/voice-phishing-on-microsoft-teams-facilitates-darkgate-malware-attack/
-
Misconfiguration Manager: Detection Updates
in SecurityNews
TL;DR: The Misconfiguration Manager DETECT section has been updated with relevant guidance to help defensive operators identify the most prolific attack techniques from the Misconfiguration Manager project.
Background
If you have been following SpecterOps’s offensive security research over the last few years, you may have noticed our interest in targeting attack paths leveraging Microsoft’s Configuration Manager…
-
Microsoft Teams Vishing Spreads DarkGate RAT
A thwarted attack demonstrates that threat actors are using yet another delivery method for the malware, which already has been spread using phishing emails, malvertising, hijacking of instant messages, and SEO poisoning.
First seen on darkreading.com. Jump to article: www.darkreading.com/cyberattacks-data-breaches/vishing-via-microsoft-teams-spreads-darkgate-rat
-
Microsoft Update Catalog: Critical Vulnerability Discovered in Microsoft's Web Server
in SecurityNews
Attackers were able to gain elevated privileges on a Microsoft web server. Despite promised transparency, the company provides no details.
First seen on golem.de. Jump to article: www.golem.de/news/microsoft-update-katalog-kritische-luecke-in-microsofts-webserver-entdeckt-2412-191742.html
-
Cloud Access Security Broker: A Buyer's Guide
in SecurityNews
Tags: access, ai, api, authentication, cisco, cloud, compliance, control, cyberattack, data, detection, endpoint, exploit, gartner, governance, intelligence, mail, malware, microsoft, monitoring, network, phishing, ransomware, risk, saas, service, software, startup, threat, tool, zero-day, zero-trust
-
Russian APT "Secret Blizzard" Leverages Cybercriminal Tools in Ukraine Attacks
in SecurityNews
A new report from Microsoft Threat Intelligence reveals that the Russian state-sponsored threat actor known as Secret Blizzard (also tracked as Turla, Waterbug, Venomous Bear, Snake, Turla Team, and Turla...
First seen on securityonline.info. Jump to article: securityonline.info/russian-apt-secret-blizzard-leverages-cybercriminal-tools-in-ukraine-attacks/
-
Week in review: Microsoft fixes exploited 0-day, top cybersecurity books for your holiday gift list
in SecurityNews
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft fixes exploited zero-day (CVE-2024-49138) On December 2024 Patch …
First seen on helpnetsecurity.com. Jump to article: www.helpnetsecurity.com/2024/12/15/week-in-review-microsoft-fixes-exploited-0-day-top-cybersecurity-books-for-your-holiday-gift-list/
-
"Password Era is Ending," Microsoft to Delete 1 Billion Passwords
in SecurityNews
Microsoft has announced that it is currently blocking an astounding 7,000 password attacks every second, nearly double the rate from just a year ago. This surge in cyber threats underscores the urgent need for more robust authentication methods, with passkeys emerging as a promising solution. The tech giant has also reported a 146% year-over-year increase…
-
Microsoft’s AI Recall Tool Is Still Sucking Up Credit Card and Social Security Numbers
in SecurityNews
Plus: The US indicts North Koreans in fake IT worker scheme, file-sharing firm Cleo warns customers to patch a vulnerability amid live attacks, and more.
First seen on wired.com. Jump to article: www.wired.com/story/microsoft-recall-credit-card-social-security-numbers/
-
MFA Protection of Microsoft's Azure Could Be Bypassed
in SecurityNews
Attackers were able to bypass multi-factor authentication in Microsoft's Azure and gain unauthorized access.
First seen on heise.de. Jump to article: www.heise.de/news/Microsoft-Azure-MFA-Schutz-war-aushebelbar-10198961.html
-
2024 Sees Sharp Increase in Microsoft Tool Exploits
in SecurityNews
Sophos observed a significant rise in Microsoft LOLbins abused by attackers in H1 2024 compared to 2023.
First seen on infosecurity-magazine.com. Jump to article: www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/
-
In Other News: Gen Digital Makes $1B Buy, Recall Captures Sensitive Data, MITRE ATT&CK Evaluations
in SecurityNews
Noteworthy stories that might have slipped under the radar: AV brand owner Gen Digital makes a $1 billion acquisition, Microsoft Recall captures sensitive data, MITRE releases ATT&CK evaluations. The post In Other News: Gen Digital Makes $1B Buy, Recall Captures Sensitive Data, MITRE ATT&CK Evaluations appeared first on SecurityWeek.
First seen on securityweek.com. Jump to…
-
Amazon Pauses Microsoft 365 Rollout Over Security Concerns After Hack
in SecurityNews
Tags: microsoft
In 2023, Microsoft had to admit to hacks of its Exchange Online and Azure services. Bloomberg now reports that Amazon has paused its plans to roll out Microsoft 365 within the company. The reason is said to be security concerns following the hack by the suspected Russian group Midnight …
First seen on borncity.com. Jump to article: www.borncity.com/blog/2024/12/13/amazon-pausiert-microsoft-365-rollout-wegen-sicherheitsbedenken-nach-hack/