Security

Microsoft has released a new dedicated inventory in public preview for its Defender Vulnerability Management solution. The new Vulnerable Components Inventory feature allows IT administrators to actively detect and address known vulnerabilities in software components used within their enterprise environments. Microsoft Defender Vulnerability Management is a security solution that enables organizations to discover, prioritize, and…

Last week, Microsoft disclosed that Russian state-sponsored hackers exploited a weak password to infiltrate its corporate network. The threat actor (dubbed Midnight Blizzard) gained unauthorized access to the email accounts of its senior executives and employees working in legal and cybersecurity teams. Microsoft detailed that the Russian hacking group (also known as Nobelium or APT29)…

Microsoft Defender for Cloud has introduced support for agentless malware scanning for servers hosting virtual machines. The new feature is designed to help organizations assess software vulnerabilities on VMs without requiring the installation of Defender for Endpoint. Microsoft Defender for Cloud already supports various agent-based vulnerability assessment solutions, such as Qualys, BYOL, and Microsoft Defender…

The US Cybersecurity and Infrastructure Security Agency (CISA) and FBI have issued a warning regarding the recently discovered Androxgh0st malware. This malicious campaign empowers threat actors to steal credentials and deploy malicious payloads, specifically targeting vulnerable Apache web servers and websites. The malware dubbed “Androxgh0st” was first discovered by the cybersecurity firm Lacework back in…

Microsoft has announced the general availability of Defender for Cloud’s integration with Microsoft Defender XDR. This release offers administrators direct access to investigate and manage Defender for Cloud alerts and incidents within the Microsoft Defender portal. Microsoft Defender for Cloud is a security solution that enables organizations to protect cloud-based applications from security threats and…

Cybersecurity researchers have disclosed a serious threat to Windows users, as hackers exploit a Windows Defender SmartScreen bypass vulnerability to deploy the Phemedrone Stealer malware. It could enable hackers to harvest sensitive information (such as cookies, passwords, and authentication tokens) from Windows machines. The security flaw, which is tracked as CVE-2023-36025, has a CVSS score…

The Cybersecurity and Infrastructure Security Agency (CISA) has raised concerns about the active exploitation of a critical vulnerability in Microsoft SharePoint. The security flaw (tracked as CVE-2023-29357) allows unauthenticated attackers to gain administrative privileges on unpatched servers. The Microsoft SharePoint vulnerability was first discovered by STAR Labs researcher Nguyễn Tiến Giang (Jang) during Vancouver’s Pwn2Own…

Microsoft has recently shared details about how Defender for Office 365 is effectively countering the rise of QR code phishing attacks. A QR code (Quick Response code) is a two-dimensional barcode capable of storing different types of information (such as product details, contact information, and website URLs). It can be easily scanned with smartphones or…

Microsoft has recently disclosed four vulnerabilities in the Perforce Helix Core Server. These security flaws could enable threat actors to remotely execute commands in order to gain privileged access to the local Windows systems. The Perforce Helix Core Server (also known as Perforce Server) is a version control system that helps software development teams manage…

Last week, Microsoft disrupted a Vietnam-based threat group called Storm-1152. Microsoft’s Digital Crimes Unit (DCU) gained control of the domains used by the group to sell millions of fraudulent Microsoft accounts to other cybercriminals. The DCU team has obtained a court order from the Southern District of New York to take down the US-based digital…