News


Recover deleted SaaS data

According to Statista, Microsoft Office 365 controls nearly 50 percent of the global office productivity software market. Surely one or two users of this suite have accidentally permanently deleted an email, but Office 365 has built-in data protection functions that can be used to restore Outlook emails. This includes various email retention policy features that can be individually configured to meet specific legal compliance and operational requirements. In principle, however, the following applies: Exchange Online stores deleted emails for 14 days, up to a maximum of 30 days. Data protection at the highest level Difficult or even...


Microsoft abused for phishing
B2B Cyber Security ShortNews

The research department of a cyber security solutions provider has published the Brand Phishing Report for the fourth quarter of 2023. The report highlights the brands most frequently imitated by hackers to steal personal information, user account information or payment data in October, November and December 2023. Microsoft was at the top with 33 percent and overall the technology sector was the most abused industry as Amazon came second with 9 percent, Google third with 8 percent and Apple with 4 percent. “As we move forward from 2023…


Outlook: Calendar entry can steal password

There is a new vulnerability in Outlook and three ways to access NTLM v2 hashed passwords. Access is possible through the calendar function and double headers via a calendar entry. Experts have discovered the vulnerability and are warning about it. Varonis Threat Labs discovered the new Outlook vulnerability (CVE-2023-35636) and three new ways to exploit it. These give access to the NTLM v2 hashed passwords from Outlook, Windows Performance Analyzer (WPA) and Windows File Explorer. With access to these hashed passwords, attackers can attempt an offline brute force attack or an authentication relay attack to compromise an account and gain access. Unpatched…


Russian APT group attacked Microsoft 

According to its own information, Microsoft was attacked by Midnight Blizzard on January 12, 2024. The Russian-sponsored actors apparently had access to email accounts of high-ranking employees. However, the attackers are said to have had no access to the customer environments. On January 12, 2024, the Microsoft security team said it recognized an attack by a nation state on its corporate systems. A response process was then activated to disrupt the malicious activity, mitigate the attack, and deny further access to the threat actor. Microsoft has identified the threat actor as Midnight Blizzard, also known as Nobelium,…


Vulnerabilities: BSI recommends Chrome and Microsoft Edge Update

New vulnerabilities could allow attackers to execute code and control browsers remotely. The BSI therefore urgently recommends updating the browser, which is also very easy to do. The CVSS value of 8.8 is considered highly dangerous. The Federal Office for Information Security (BSI) warns users and companies of highly dangerous vulnerabilities with the CVSS value 8.8 in the Google Chrome and Microsoft Edge browsers under the Windows, MacOS and Linux operating systems. A remote, anonymous attacker could exploit multiple vulnerabilities in Google Chrome and Microsoft Edge to...


Email vulnerability: BSI warns of SMTP smuggling

With smuggling, an email can be split so that fake senders bypass authentication mechanisms such as SPF, DKIM and DMARC. While large companies and email service providers Microsoft, GMX and Ionos immediately stopped smuggling, Cisco continues to consider the danger to be a useful feature, according to the BSI. On December 18, cybersecurity firm SEC Consult released information about a new attack technique using “Simple Mail Transfer Protocol (SMTP) Smuggling.” With SMTP smuggling, attackers take advantage of the fact that different SMTP implementations interpret the marking of the end of an email message differently. SPF, DKIM and DMARC undermined you...


Storm-1152: Microsoft defends itself with domain deletions 

Microsoft is using domain deletions to stop the activities of the Storm-1152 group, which sells fraudulent Microsoft accounts and security circumvention tools. 750 million Microsoft accounts have already been put up for sale, bringing the group millions in revenue. Storm-1152 operates illegal websites and social media pages and sells fraudulent Microsoft accounts and identity verification software bypass tools on popular technology platforms. These services reduce the amount of time and effort criminals need to commit a variety of criminal and abusive behaviors online. To date, Storm-1152 has put around 750 million fraudulent Microsoft accounts up for sale, making…


Analysis: Attack routes against Microsoft Outlook

Microsoft Outlook has a lot of attack vectors under everyday conditions. An analysis by Check Point Research (CPR) shows the attack routes that cyber attackers use. This is particularly interesting for small and medium-sized companies – SMEs. Check Point Research (CPR), Check Point's threat intelligence division, has published a detailed analysis of the desktop application Microsoft Outlook, linked to the Microsoft Exchange Server, which provides a deep insight into attack vectors. In particular, the 2021 version was examined under Windows with updates from November 2023. Of course, it is also important to always keep an eye on current security gaps...


BSI warns: Microsoft Edge Browser requires security update  

The BSI has issued a warning for the Microsoft Edge browser because two highly dangerous security holes can be exploited by attackers. The problem can be solved with a quick update. The vulnerabilities CVE-2023-36026 and CVE-2023-36008 reported by the BSI have a CVSS base score of 7.8 and are therefore considered highly dangerous. The BSI describes the vulnerabilities as “A remote, anonymous attacker can exploit several vulnerabilities in Microsoft Edge to execute arbitrary program code or misrepresent information.” All versions below version number 119.0.2151.72 (Stable Channel) or below version 118.0.2088.109 are affected…


Microsoft: 38 TB of data accidentally exposed
Microsoft: 38 TB of data accidentally exposed - Image by Mudassar Iqbal on Pixabay

The security provider Wiz found 38 TB of data including 30,000 internal Teams messages while browsing Microsoft's AI GitHub repository. According to Wiz, a SAS token misconfigured by the AI research team triggered the issue. According to the Wiz Research Team, Microsoft's AI research team made a few glaring mistakes when publishing open source training data on GitHub. Apparently, when publishing data, a total of 38 terabytes of data was accidentally marked for publication and then published. Among them: private data, a hard drive backup of two employees' workstations. 38 TBytes of data including tokens, passwords and…
