Last week, Microsoft disrupted a Vietnam-based threat group called Storm-1152. Microsoft’s Digital Crimes Unit (DCU) gained control of the domains used by the group to sell millions of fraudulent Microsoft accounts to other cybercriminals. The DCU team has obtained a court order from the Southern District of New York to take down the US-based digital…
Microsoft has issued a warning about cybercriminals exploiting OAuth for automated financial cyberattacks. The Threat Intelligence team has identified that threat actors are creating malicious OAuth apps to carry out password spraying, phishing, and crypto mining activities. OAuth (Open Authorization) is an open standard designed to offer secure third-party access to user resources on a…
Microsoft has released a comprehensive guide to assist IT administrators in promptly and effectively responding to security breaches within their organizations. The Microsoft Incident Response team detailed best practices to protect workloads in cloud, on-premises, and hybrid environments. Decommission AD FS Microsoft explained that the Active Directory Federation Services (AD FS) could pose a significant…
Security researchers have disclosed that hackers are persistently exploiting the Log4j vulnerability to infiltrate organizations globally. The infamous Lazarus hacking group has recently exploited this flaw to launch a fresh wave of cyberattacks, deploying new remote access Trojans (RATs) coded in the D programming language. What is Log4j? The Log4j vulnerability, also known as Log4Shell,…
Last Update: Dec 09, 2023
Security researchers have disclosed a new firmware vulnerability named LogoFAIL, which is capable of infiltrating a wide array of Windows and Linux machines. The attack allows threat actors to use malicious logo images to potentially compromise the security of devices from major vendors, including Intel, Acer, and Lenovo. Cybersecurity company Binarly has discovered a security…
Microsoft has warned customers that a Russian state-sponsored hacking group (dubbed Forest Blizzard (STRONTIUM)) is actively exploiting an Outlook flaw to target Exchange Servers. The vulnerability could potentially unlock unauthorized access to emails and pave the way for the pilfering of sensitive information. In March, Microsoft disclosed a critical vulnerability in Outlook for Windows that…
Microsoft has announced that it’s deprecating Defender Application Guard for Office this month. The company has quietly updated its support article to indicate that the security feature will no longer receive updates. “Microsoft Defender Application Guard for Office is being deprecated and is no longer being updated. This deprecation also includes the Windows.Security.Isolation APIs that…
Microsoft has introduced a new Terraform module aimed at simplifying the onboarding process for Microsoft Defender for Cloud (MDC). This module enables organizations to configure MDC plans for their subscriptions or management groups using a minimal amount of code. Microsoft Defender for Cloud is a security solution that allows customers to protect cloud-based applications against…
Cybersecurity researchers from Blackwing HQ have managed to bypass Windows Hello fingerprint authentication on three different laptops from Dell, Lenovo, and Microsoft. The penetration tests were carried out at the request of Microsoft to assess the security of the fingerprint sensors used in these devices. Windows Hello is a biometric authentication feature that allows users…
Microsoft announced yesterday the launch of its new Defender Bounty Program. The new program is aimed at enticing security researchers to unearth new vulnerabilities in the security solution in exchange for rewards between $500 and $20,000. The submissions must specify the severity (Critical or Important) and step-by-step instructions to reproduce the issue in the fully…