News


Microsoft DCOM hardening tool discovers vulnerabilities
B2B Cyber Security ShortNews

Open-source detection tool uncovers vulnerabilities in DCOM ahead of Microsoft's March 2023 patch. Users can quickly determine whether their networks contain unsecured DCOM that the new Microsoft patch will render unusable. OTORIO has released the open-source Microsoft Distributed Component Object Model (DCOM) Hardening Toolkit. The aim is to protect OT systems from possible problems related to an upcoming Microsoft patch. Microsoft itself writes: “March 14, 2023, hardening changes are enabled by default with no option to disable them. At this point, you must resolve any compatibility issues with the hardening changes and applications in your environment.” Test,…


Phishing Report shows the current email traps
B2B Cyber Security ShortNews

In its new Brand Phishing Report for the fourth quarter of 2022, Check Point presents the new phishing threats. The report highlights the brands most frequently impersonated by hackers in their attempts to steal personal information or payment details in the months of October, November and December of the past year. In general, the technology sector was the industry most impersonated by brand phishing in the last quarter of 2022, followed by logistics and social media. DHL ranked second with 16 percent of all branded phishing attempts, ahead of Microsoft in third…


Microsoft patches gaps according to NSA information
Tenable news

Microsoft's Patchday release this month includes fixes for 98 CVEs, 11 of which are rated Critical and 87 are Major. In addition, Microsoft closes two zero-day vulnerabilities. A lot of information came from the American National Security Agency (NSA). Microsoft says this bug has already been exploited in practice as a zero day: CVE-2023-21674 is an elevation-of-privilege vulnerability in Windows Advanced Local Procedure Call (ALPC), which simplifies interprocess communication for Windows operating system components.

Serious zero-day vulnerability

Although no details about the flaw were available at the time Microsoft published the advisory on Patch Tuesday, it seems…


Ransomware attacks: malicious code with valid certificates

Sophos thwarts ransomware attacks that use a rare malicious driver signed with a valid Microsoft digital certificate. The driver targets Endpoint Detection and Response (EDR) processes. The attack is linked to the Cuba Ransomware Group. Sophos found malicious code in several drivers signed with legitimate digital certificates. The new report, Signed Driver Malware Moves up the Software Trust Chain, details the investigation that began with an attempted ransomware attack. The attackers used a malicious driver that was bundled with a legitimate Microsoft Windows Hardware Compatibility Publisher digital certificate.


Voicemail: Microsoft Dynamics 365 abused for phishing

Cybercriminals use legitimate Microsoft Dynamics 365 Customer Voice software to send phishing links to steal customer data. Security researchers from Avanan and Check Point show how insidious the whole thing is. Dynamics 365 Customer Voice is a Microsoft product primarily intended to receive feedback from customers. It can be used for customer satisfaction surveys to track feedback and aggregate data into actionable insights. Additionally, it can be used to interact with customers over the phone, collecting the data for further customer input. Instead of this function...


Microsoft Office 365: Insecure encryption for emails

The labs of the security company WithSecure have bad news: The encryption used for emails in Microsoft Office 365 is not secure because it has a security hole. According to WithSecure, Microsoft does not plan to fix the vulnerability, although the National Institute of Standards and Technology (NIST) lists the vulnerability as serious in its Vulnerability Database. Microsoft Office 365 Message Encryption (OME) uses the Electronic Codebook (ECB) operating mode. This mode is generally insecure and may reveal information about the structure of the messages sent, resulting in partial or full disclosure of the message...


CISA vulnerability list grows from Microsoft and MacOS
B2B Cyber Security ShortNews

The CISA (Cybersecurity and Infrastructure Security Agency) has added six additional vulnerabilities to its list of known vulnerabilities. This list usually only includes vulnerabilities that are a common attack vector: Microsoft Windows Driver and macOS vulnerabilities. A comment from Qualys. The addition comes after two more vulnerabilities, related to the Microsoft Windows Common Log File System Driver and the Apple iOS/iPadOS/macOS Monterey and Big Sur zero-day attacks, were added last week. Some of the vulnerabilities are new, while others are several years old. One is even...


Cloud Exchange: Accounts without MFA abused for spam
B2B Cyber Security ShortNews

Microsoft reports on analyzed attacks on cloud exchange. Attackers penetrated the cloud exchange accounts using credential stuffing, known passwords from previous data breaches – all without multi-factor authentication (MFA). Then everything was set up for mass spamming via these accounts. Microsoft researchers recently investigated an attack in which malicious Open Authorization (OAuth) applications were deployed on compromised cloud tenants and then used to control Exchange Online settings and spread spam. The investigation found that the threat actor launched credential stuffing attacks against high-risk accounts that didn't have multi-factor authentication (MFA) enabled, and…


Exchange Server: New 0-day vulnerability - missing patches  
B2B Cyber Security ShortNews

GTSC security researchers have discovered two new RCE vulnerabilities in MS Exchange Server. There are already suitable exploits for this in the wild. Microsoft was notified of the vulnerabilities and commented “Currently Microsoft is aware of limited targeted attacks”. Around early August 2022, while conducting security monitoring and incident response services, the GTSC SOC team discovered that a critical infrastructure was under attack, specifically their Microsoft Exchange application. During the investigation, GTSC Blue Team experts determined that the attack exploited an unpublished Exchange vulnerability (a 0-day vulnerability) and therefore immediately developed a temporary containment plan. At the same time, the experts began…


Russian threat actors target NATO countries like USA
B2B Cyber Security ShortNews

Since early 2022, the Microsoft Threat Intelligence Center (MSTIC) has been monitoring SEABORGIUM phishing campaigns targeting over 30 organizations, primarily in NATO countries, particularly the US and UK, with occasional attacks on other Baltic, Nordic and Eastern European countries. The Microsoft Threat Intelligence Center (MSTIC) monitored SEABORGIUM campaigns and took action to disrupt them. SEABORGIUM is a Russian-born threat actor whose goals and victimology closely align with the interests of the Russian state. Its campaigns include persistent phishing and credential theft campaigns. The intrusion of…
