Microsoft has revealed that a Chinese-backed threat group, known as Storm-0062, is currently exploiting a critical zero-day vulnerability in Atlassian Confluence Server and Confluence Data Center. The proof-of-concept exploits for this vulnerability are now publicly available, raising the alarming possibility of mass exploitation. Last week, Atlassian acknowledged the remotely exploitable privilege-escalation vulnerability (CVE-2023-22515) that affects…
Microsoft announced this week plans to release the public preview of Inbound SMTP DANE with DNSSEC support for Exchange Online in 2024. The new tamper protection capabilities aim to bolster defenses against adversary-in-the-middle attacks in email communications. Specifically, Microsoft will enable two internet protocols for Exchange Online, including the DNS-based Authentication of Named Entities (DANE)…
Security researchers have discovered that hackers are now employing a new zero-point font obfuscation technique to target Microsoft Outlook users. Unlike traditional phishing emails that try to evade automated detection, this novel approach aims to deceive recipients by making emails appear more trustworthy. In a recent report published by the SANS Internet Storm Center, cybersecurity…
Microsoft has announced some important updates for its Defender for Cloud solution. This latest release introduces a new unified cloud data security dashboard and sensitive data discovery capabilities that promise to improve how organizations protect corporate data. First off, Microsoft has launched a new data security dashboard in public preview for its Defender for Cloud…
Microsoft has introduced multi-tenant support in public preview for Microsoft 365 Defender. This feature simplifies the lives of IT pros by providing a unified view for investigating incidents and conducting advanced threat hunting across multiple tenants. Microsoft 365 Defender is a security solution that allows IT pros to protect data across Microsoft 365 environments. The…
Cybersecurity researchers have uncovered a 38TB storage bucket containing private data inadvertently leaked by a Microsoft employee. The breach, attributed to a misconfigured GitHub repository within Microsoft’s AI research team, exposed sensitive information including passwords, secret keys, and internal messages. In a report published this week, Wiz researchers explained that they discovered a misconfigured GitHub…
Microsoft has recently patched eight cross-site scripting (XSS) vulnerabilities impacting Azure HDInsight. These vulnerabilities could have allowed unauthorized access, session hijacking, and the deployment of malicious code. Azure HDInsight is a fully managed service that lets organizations use open-source frameworks for big data analytics, management, and processing. They can use the frameworks to create optimized…
Last Update: Sep 13, 2023
Microsoft Sentinel, which was previously known as Azure Sentinel, is a Security Information and Event Management (SIEM) solution for Azure and Microsoft 365. Just like other SIEM solutions, it combines Security Information Management (SIM) and Security Event Management (SEM). In this article, we’re going to explain how Microsoft Sentinel works and how this solution can…
Microsoft 365 Defender, Identity Protection, and Microsoft Sentinel generate an avalanche of security incidents that require attention. In this article, I will give you an overview of what tools are at your disposal, what incidents are useful, and how to make Microsoft Sentinel reduce alerts.
Security incidents in a single pane of glass
Today’s security…
Last Update: Sep 12, 2023
Security researchers have discovered a new threat actor that has been using a highly advanced phishing kit to bypass multifactor authentication (MFA) safeguards. The cyber threat group has successfully compromised over 8,000 Microsoft 365 corporate accounts across the US, Europe, and Australia. According to a report released by Group-IB, the hackers had built a highly…