Krebs on Security

JULY 11, 2023

Microsoft Corp. Meanwhile, Apple customers have their own zero-day woes again this month: On Monday, Apple issued (and then quickly pulled) an emergency update to fix a zero-day vulnerability that is being exploited on MacOS and iOS devices. The two other zero-day threats this month for Windows are both privilege escalation flaws.

Software 199

Software Malware Antivirus Ransomware 199

Security Boulevard

DECEMBER 8, 2023

Microsoft’s recent warning regarding active exploits by Russian state-sponsored threat actors, particularly APT28 (Forest Blizzard, Strontium or Fancy Bear), has highlighted a significant vulnerability within Microsoft Outlook. The vulnerability affects.

Accountability 62

Accountability Risk 62

eSecurity Planet

MARCH 16, 2023

Microsoft’s Patch Tuesday for March 2023 includes patches for more than 70 vulnerabilities, including zero-day flaws in Outlook and in Windows SmartScreen. Critical Outlook Zero-Day The Outlook zero-day, CVE-2023-23397 , with a critical CVSS score of 9.8, is being actively exploited.

Energy and Utilities 98

Energy and Utilities Authentication Firewall Engineering 98

eSecurity Planet

AUGUST 9, 2023

Microsoft’s Patch Tuesday for August 2023 addresses 74 vulnerabilities, six of them critical. The company also issued two advisories, one of them addressing a Microsoft Office flaw that was disclosed but unpatched in last month’s update. The critical Outlook flaw, Barnett added, presents less of a threat.

VPN 98

VPN Security Defenses Cybersecurity Engineering 98

Security Affairs

MAY 11, 2023

An attacker can exploit the vulnerability by crafting a malicious URL that would evade zone checks. “An attacker can craft a malicious URL that would evade zone checks, resulting in a limited loss of integrity and availability of the victim machine” reads the advisory published by Microsoft. ” concludes the expert.

Internet 98

Internet Internet Government Hacking 98

Security Affairs

APRIL 3, 2023

Microsoft addressed a misconfiguration flaw in the Azure Active Directory ( AAD ) identity and access management service. The vulnerability was discovered by Wiz Research which determined that about 25% of multi-tenant applications turned out to be vulnerable. “We found several high-impact, vulnerable Microsoft applications.

Accountability 82

Accountability Education Media Authentication 82

Krebs on Security

DECEMBER 14, 2022

Microsoft has released its final monthly batch of security updates for 2022, fixing more than four dozen security holes in its various Windows operating systems and related software. The security updates include patches for Azure , Microsoft Edge, Office , SharePoint Server , SysInternals , and the.NET framework.

Social Engineering 188

Social Engineering Ransomware Software Engineering 188

NetSpi Technical

MARCH 11, 2024

In 2023 NetSPI discovered that Microsoft Outlook was vulnerable to authenticated remote code execution (RCE) via synced form objects. This blog will cover how we discovered CVE-2024-21378 and weaponized it by modifying Ruler , an Outlook penetration testing tool published by SensePost.

Authentication 52

Authentication Penetration Testing Technology Phishing 52

eSecurity Planet

JULY 12, 2023

Microsoft’s Patch Tuesday for July 2023 includes nine critical flaws, and five are actively being exploited. “They should be pushed to vulnerable machines immediately.” ” The July 2023 fixes include updates for 130 vulnerabilities, a significant increase from last month’s total of 78. .

Encryption 98

Encryption Accountability VPN Engineering 98

eSecurity Planet

MAY 10, 2023

Microsoft’s Patch Tuesday for May 2023 addresses 38 vulnerabilities, the smallest Patch Tuesday in quite a while. “This vulnerability allows an attacker to execute self-signed code at the Unified Extensible Firmware Interface (UEFI) level while Secure Boot is enabled,” Microsoft noted.

Firmware 89

Firmware Malware Software Risk 89

Security Affairs

FEBRUARY 28, 2024

Since September 2022, Moobot botnet was spotted targeting vulnerable D-Link routers. In April 2023, FortiGuard Labs researchers observed a hacking campaign targeting Cacti ( CVE-2022-46169 ) and Realtek ( CVE-2021-35394 ) vulnerabilities to spread ShellBot and Moobot malware. ” continues the report.

Energy and Utilities 99

Energy and Utilities Government Firewall Malware 99

DoublePulsar

AUGUST 9, 2023

In this piece we take a look at what happened, show they were running Microsoft Exchange Server with Outlook Web App (OWA) facing the internet, and the unpatched vulnerability that presented. Source: Shodan We can see the version of Microsoft Exchange Server in the data — 15.1.2507.12. However, something was wrong.

Internet 74

Internet Internet Hacking Government 74

Krebs on Security

MARCH 9, 2021

On the off chance you were looking for more security to-dos from Microsoft today…the company released software updates to plug more than 82 security flaws in Windows and other supported software. In the ENKI blog post, the researchers said they will publish proof-of-concept (PoC) details after the bug has been patched.

DNS 310

DNS Internet Internet Software 310

eSecurity Planet

JANUARY 6, 2023

Rackspace has acknowledged that it was hit by the Play ransomware a month ago in an attack that compromised customers’ Microsoft Exchange accounts. The attackers apparently leveraged a zero-day vulnerability called OWASSRF that was recently analyzed by CrowdStrike. New Exploit Identified. Moving on from Exchange.

Ransomware 120

Ransomware Accountability Cybersecurity Network Security 120

Krebs on Security

MARCH 10, 2020

Microsoft Corp. Twenty-six of those earned Microsoft’s most-dire “critical” rating, meaning malware or miscreants could exploit them to gain complete, remote control over vulnerable computers without any help from users. But there are a few eyebrow-raising Windows vulnerabilities worthy of attention.

Backups 250

Backups Software Hacking Malware 250

eSecurity Planet

JUNE 2, 2022

With nearly $200 billion in annual sales, Microsoft is the world’s largest software and information technology (IT) vendor, its products widely used by both companies and consumers. That also makes it the biggest source of vulnerabilities targeted by hackers. ” Microsoft published mitigation strategies on May 30.

Software 108

Software Cybersecurity Accountability Technology 108

Malwarebytes

SEPTEMBER 30, 2022

Microsoft has issued some customer guidance as it investigates (yes, more) reported vulnerabilities in Microsoft Exchange Server, affecting the 2013, 2016, and 2019 versions of the software. The company says it "is aware of limited targeted attacks using the two vulnerabilities to get into users’ systems."

Authentication 88

Authentication Internet Internet Software 88

Security Affairs

JUNE 8, 2022

0patch researchers released an unofficial security patch for a Windows zero-day vulnerability dubbed DogWalk. 0patch released an unofficial security patch for a new Windows zero-day vulnerability in the Microsoft Support Diagnostic Tool (MSDT) dubbed DogWalk. The expert warned to pay special attention to not open .diagcab

Internet 88

Internet Internet Hacking Cybersecurity 88

Security Affairs

JUNE 25, 2020

Microsoft researchers are warning of attacks against Exchange servers and published guidance on how to defend them. Microsoft’s Defender ATP Research Team released guidance on how to defend against attacks targeting Exchange servers with the use of behavior-based detection. ” reads the analysis published by Microsoft.

Social Engineering 135

Social Engineering Advertising Engineering Authentication 135

SC Magazine

APRIL 13, 2021

Microsoft prepares for a news conference t in Los Angeles, California. Researchers on Tuesday reported that an unknown attacker hacked one Microsoft Exchange server as a means to install a malicious Monero cryptominer onto other Exchange servers to gain access. Photo by Kevork Djansezian/Getty Images).

Hacking 103

Hacking Firewall Media Government 103

Vipre

MARCH 9, 2021

VIPRE Security has released a security update related to last week’s attack affecting Microsoft Exchange Server 2013, 2016, and 2019. The Microsoft Security Response Center issued a detailed update March 5 th with information and guidance for customers who may be affected. KrebsOnSecurity was first to report the hack.

Cybersecurity 75

Cybersecurity Internet Internet Risk 75

Security Affairs

AUGUST 14, 2019

Microsoft Patches Over 90 Vulnerabilities With August 2019 Updates. Microsoft Patch Tuesday security updates for August 2019 address more than 90 flaws, including two new ‘ wormable ‘ issues in Windows Remote Desktop Services. This vulnerability is pre-authentication and requires no user interaction.”

Authentication 85

Authentication Advertising Internet Internet 85

Pen Test Partners

FEBRUARY 14, 2024

October 2023’s Cyber Security Awareness Month led to a flurry of blog posts about a new attack called Quishing (QR Code phishing) and how new AI powered email gateways can potentially block these attacks. Microsoft say they can detect QR images and are able to analyse the embedded URL. What’s the attack?

Phishing 66

Phishing Mobile Social Engineering Data breaches 66

eSecurity Planet

JANUARY 28, 2022

Microsoft in November fended off a massive distributed denial-of-service (DDoS) attack in its Azure cloud that officials said was the largest ever recorded, the latest in a wave of record attacks that washed over the IT industry in the second half of 2021. DDoS attack duration: Microsoft. One such example would be the 3.25

DDOS 136

DDOS IoT Engineering DNS 136

Security Affairs

MAY 14, 2023

Please vote for Security Affairs ( [link] ) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections where is reported Securityaffairs or my name Pierluigi Paganini Please nominate Security Affairs as your favorite blog.

Data breaches 91

Data breaches DDOS Artificial Intelligence Ransomware 91

Malwarebytes

JULY 30, 2021

LemonDuck has evolved from a Monero cryptominer into LemonCat, a Trojan that specializes in backdoor installation, credential and data theft, and malware delivery, according to the Microsoft 365 Defender Threat Intelligence Team, which explained their findings in a two-part story [ 1 ][ 2 ] on the Microsoft Security blog.

Malware 96

Malware Penetration Testing Passwords Antivirus 96

NopSec

MAY 31, 2023

In this post we cover a critical vulnerability identified in VMWare that could allow a guest OS escape and RCE on your hypvervisor. ManagedEngine ADManager was found vulnerable to yet another command injection vulnerability and Barracuda released a patch to address a remote command execution vulnerability achieved via *.tar

Risk 52

Risk Accountability Authentication Passwords 52

NopSec

MARCH 16, 2020

Particularly, when vulnerability and configuration management are not incorporated as a consideration in the implementation practice of remote teleworking systems, bad things could happen. I will be referring to vulnerability management as the process for managing asset attack surface and security threat exposure.

VPN 40

VPN Accountability Risk System Administration 40

SecureList

DECEMBER 14, 2021

While looking for potentially malicious implants that targeted Microsoft Exchange servers, we identified a suspicious binary that had been submitted to a multiscanner service in late 2020. assembly that is intended to be loaded as a module within an IIS web server that also exposes Exchange’s Outlook Web Access (OWA).

Authentication 101

Authentication Encryption Accountability Passwords 101

SecureWorld News

SEPTEMBER 10, 2020

Organizations and their employees shifted to remote working, which has opened the door for many cybercriminals to exploit new vulnerabilities in ways they have not before. In a blog post outlining the report, authors listed four things that organizations must takeaway when reading the report. Trends of cyber insurance claims for 2020.

Cyber Insurance 54

Cyber Insurance Insurance Ransomware Cyber Attacks 54

Krebs on Security

OCTOBER 13, 2020

In keeping with that theme, if you (ab)use Microsoft Windows computers you should be aware the company shipped a bevy of software updates today to fix at least 87 security problems in Windows and programs that run on top of the operating system. That means it’s once again time to backup and patch up. 10 is the most awful).

Backups 305

Backups Malware Engineering Software 305

Security Affairs

JANUARY 11, 2019

As usual, the mail conveys malicious Excel files exploiting the popular CVE-2017-11882 vulnerability to run an executable retrieved from a malicious website, previously compromised by the attackers. CryptDecrypt” Microsoft function, which is dynamically invoked into the AutoIt script through the high-level API “ DllCall ”.

Malware 76

Malware Phishing Advertising InfoSec 76

Malwarebytes

MARCH 29, 2023

The research in question focuses on several Microsoft applications, with everything stemming from a new type of attack aimed at Azure Active Directory. According to Wiz, once the team started scanning for exposed applications, no fewer than 35% of the apps they scanned were vulnerable to authentication bypass.

Accountability 97

Accountability Authentication Engineering Government 97

NetSpi Technical

NOVEMBER 2, 2023

To understand the vulnerability, there are a few things to understand about the Entra ID authentication flow. For this vulnerability to be present, four specific requirements must first be met: The attacker must have valid credentials to sign into the Entra ID domain.

Authentication 143

Authentication Accountability Social Engineering Penetration Testing 143

Security Affairs

JUNE 8, 2021

Experts found four security flaws in the Microsoft Office suite that cloud allow attackers to weaponize Word and Excel docs. Experts from Check Point discovered four security vulnerabilities in the Microsoft Office suite that an attacker could exploit to craft weaponized Word and Excel documents. ” concludes the report.

Hacking 90

Hacking Information Security Cybersecurity 90

eSecurity Planet

JANUARY 28, 2022

Video conferencing vendor Zoom has seen its fortunes soar amid the remote work boom of the last two years, and other cloud collaboration platforms like Microsoft Teams and Cisco Webex have seen demand skyrocket too. Vulnerabilities Found on Platform. Both vulnerabilities were reported to Zoom, which fixed them on Nov.

Social Engineering 130

Social Engineering Engineering Phishing Accountability 130

SecureList

FEBRUARY 15, 2021

In their email campaigns, scammers who imitated major companies, such as Amazon, PayPal, Microsoft, etc., The fake videoconference links opened fake Microsoft and WeTransfer pages, which contained fields for entering the login and password for a work account. The link opened a phishing page disguised as the Outlook web interface.

Phishing 136

Phishing Malware Scams Accountability 136