Security Affairs

APRIL 11, 2023

A flaw in Microsoft Azure could be exploited by attackers to gain access to storage accounts, perform lateral movements, and even execute remote code. Researchers from the security firm Orca demonstrated how to abuse Microsoft Azure Shared Key authorization to gain full access to storage accounts and potentially critical business assets.

Access 98

Access Education Authentication Security 98

Security Affairs

FEBRUARY 15, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds 2 Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog. Microsoft released Patch Tuesday security updates for February 2024 that resolved a total of 72 vulnerabilities, including the above vulnerabilities that are actively exploited in the wild.

IT 119

IT Cybersecurity Information Security Security 119

Krebs on Security

MAY 5, 2021

Phishers targeting Microsoft Office 365 users increasingly are turning to specialized links that take users to their organization’s own email login page. ” Since then, Microsoft added a policy that allows Office 365 administrators to block users from consenting to an application from a non-verified publisher.

Passwords 316

Passwords Phishing Authentication Cloud 316

Dark Reading

MAY 11, 2023

As a way to enhance the security of MFA, Microsoft will require users to authorize login attempts by entering a numeric code into the Microsoft Authenticator app.

Authentication 86

Authentication Security 86

Krebs on Security

JANUARY 13, 2020

Sources tell KrebsOnSecurity that Microsoft Corp. is slated to release a software update on Tuesday to fix an extraordinarily serious security vulnerability in a core cryptographic component present in all versions of Windows. Those sources say Microsoft has quietly shipped a patch for the bug to branches of the U.S.

Military 262

Military Cybersecurity Encryption Authentication 262

Krebs on Security

MARCH 28, 2021

New data suggests someone has compromised more than 21,000 Microsoft Exchange Server email systems worldwide and infected them with malware that invokes both KrebsOnSecurity and Yours Truly by name. Let’s just get this out of the way right now: It wasn’t me. krebsonsecurity[.]top top (NOT a safe domain, hence the hobbling).

Honeypots 347

Honeypots Mining Encryption Communications 347

Krebs on Security

MAY 7, 2022

Apple , Google and Microsoft announced this week they will soon support an approach to authentication that avoids passwords altogether, and instead requires users to merely unlock their smartphones to sign in to websites or online services. ” As ZDNet notes , Apple, Google and Microsoft already support these passwordless standards (e.g.

Passwords 231

Passwords Authentication Phishing Cloud 231

Security Affairs

MARCH 8, 2021

The European Banking Authority (EBA) disclosed a cyberattack that resulted in the hack of its Microsoft Exchange email system. The European Banking Authority announced that it was the victim of a cyber attack against its email system that exploited recently disclosed zero-day vulnerabilities in Microsoft Exchange.

Personal data 129

Personal data Access Cybersecurity Security 129

Krebs on Security

FEBRUARY 9, 2021

Microsoft today rolled out updates to plug at least 56 security holes in its Windows operating systems and other software. A domain controller is a server that responds to security authentication requests in a Windows environment, and a compromised domain controller can give attackers the keys to the kingdom inside a corporate network.

Access 288

Access Phishing Authentication Security 288

Security Affairs

OCTOBER 20, 2022

Microsoft disclosed a data leak, sensitive data of some of its customers were exposed by a misconfigured Microsoft server accessible online. Microsoft announced that sensitive data belonging to some of its customers were exposed on the Internet due to a misconfigured Microsoft server. Pierluigi Paganini.

Cloud 125

Cloud Access Authentication Security 125

eSecurity Planet

FEBRUARY 26, 2024

Critical vulnerabilities have been discovered across multiple systems, including Microsoft Exchange Servers, the Bricks Builder Theme for WordPress, VMware, ScreenConnect, Joomla, and Apple Shortcuts. Organizations must prioritize implementing effective security measures and conducting frequent audits.

Risk 106

Risk Authentication Systems administration Ransomware 106

Security Affairs

AUGUST 27, 2021

Microsoft has fixed a critical flaw in Cosmos DB that allowed any Azure user to remotely take over other users’ databases without any authorization. ” reads the post published by the security firm, Azure Cosmos Darabase is Microsoft’s globally-distributed multi-model database service.

Cloud 119

Cloud Access Security Risk 119

Security Affairs

FEBRUARY 28, 2024

Russian cyberspies are compromising Ubiquiti EdgeRouters to evade detection, warns a joint advisory published by authorities. ” In February 2024, a court order allowed US authorities to neutralize the Moobot botnet, a network of hundreds of small office/home office (SOHO) routers under the control of the Russia-linked group APT28.

Energy and Utilities 109

Energy and Utilities Military Government Phishing 109

Security Affairs

NOVEMBER 2, 2023

Researchers speculate that the recent shutdown of the Mozi botnet was the response of its authors to the pressure from Chinese law enforcement. ESET researchers speculate that the recent shutdown of the Mozi botnet was the result of its operators’ choice, possibly due to pressure from Chinese authorities.

IoT 108

IoT Manufacturing IT Security 108

Security Affairs

APRIL 27, 2023

Microsoft revealed that recent attacks against PaperCut servers aimed at distributing Cl0p and LockBit ransomware. Microsoft linked the recent attacks against PaperCut servers to a financially motivated threat actor tracked as Lace Tempest (formerly DEV-0950 ). Since April 13, Lace Tempest added the PaperCut exploits to its arsenal.

Ransomware 95

Ransomware Education Security IT 95

Security Affairs

FEBRUARY 18, 2024

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security 109

Security Ransomware Data breaches Libraries 109

Krebs on Security

NOVEMBER 13, 2021

According to an interview with the person who claimed responsibility for the hoax, the spam messages were sent by abusing insecure code in an FBI online portal designed to share information with state and local law enforcement authorities. The phony message sent late Thursday evening via the FBI’s email system. Image: Spamhaus.org.

Access 362

Access Security Communications IT 362

Security Affairs

APRIL 8, 2022

Microsoft obtained a court order to take over seven domains used by the Russia-linked APT28 group to target Ukraine. Microsoft on Thursday announced it has obtained a court order to take over seven domains used by Russia-linked cyberespionage group APT28 in attacks against Ukraine. ” reads the announcement published by Microsoft.

Military 120

Military Government Phishing Security 120

Security Affairs

JANUARY 15, 2024

The vulnerability was addressed by Microsoft with the release of Patch Tuesday security updates for November 2023. The vulnerability is a Windows SmartScreen Security Feature Bypass issue. Microsoft Windows Defender SmartScreen should warn users with a security prompt before executing the.url file from an untrusted source.”

Archiving 119

Archiving Phishing Ransomware Cloud 119

Security Affairs

FEBRUARY 8, 2024

authoring agencies have recently observed indications of Volt Typhoon actors maintaining access and footholds within some victim IT environments for at least five years,” reads the alert. “the U.S. The APT group is using almost exclusively living-off-the-land techniques and hands-on-keyboard activity to evade detection.

Energy and Utilities 120

Energy and Utilities Communications Military Manufacturing 120

eSecurity Planet

APRIL 28, 2022

Topping the list were the Log4Shell vulnerability and Microsoft bugs ProxyShell and ProxyLogon. Microsoft occupied more than half the list, with Exchange Server accounting for eight of the vulnerabilities. VMware, Atlassian, Pulse Secure and Fortinet rounded out the list. See the Top Secure Email Gateways. “U.S.,

Cybersecurity 106

Cybersecurity Risk Access Security 106

Threatpost

SEPTEMBER 15, 2020

Security researchers and U.S. government authorities alike are urging admins to address Microsoft's critical privilege escalation flaw.

Government 129

Government Security Authentication 129

Security Affairs

APRIL 14, 2021

FBI log into web shells that hackers installed on Microsoft Exchange email servers across the US and removed the malicious code used by threat actors. “Authorities have executed a court-authorized operation to copy and remove malicious web shells from hundreds of vulnerable computers in the United States. .

Access 111

Access Government Security Cybersecurity 111

Security Affairs

APRIL 19, 2024

authoring agencies have recently observed indications of Volt Typhoon actors maintaining access and footholds within some victim IT environments for at least five years,” reads the alert. The group also relies on valid accounts and leverage strong operational security, which combined, allows for long-term undiscovered persistence.

Energy and Utilities 111

Energy and Utilities Communications Military Manufacturing 111

Krebs on Security

DECEMBER 18, 2020

National Security Agency (NSA) warned on Dec. 7 was being used by Russian hackers to impersonate authorized users on victim networks. ” VMware released a software update to plug the security hole ( CVE-2020-4006 ) on Dec. ” VMware released a software update to plug the security hole ( CVE-2020-4006 ) on Dec.

Authentication 355

Authentication Access Security Government 355

Krebs on Security

MAY 12, 2022

On May 8, KrebsOnSecurity received a tip that hackers obtained a username and password for an authorized user of esp.usdoj.gov , which is the Law Enforcement Inquiry and Alerts (LEIA) system managed by the DEA. The DEA declined to comment on the validity of the claims, issuing only a brief statement in response.

Authentication 264

Authentication Passwords Government Access 264

Krebs on Security

APRIL 3, 2024

In January 2024, The Manipulaters pleaded with this author to unpublish previous stories about their work, claiming the group had turned over a new leaf and gone legitimate. ” Asked why they left Pakistan, Saim Raza said the authorities there just wanted to shake them down. Image: DomainTools. . Second I leave country already.

Phishing 209

Phishing Passwords Risk Sales 209

Security Affairs

DECEMBER 29, 2023

On Christmas Eve, Resecurity’s HUNTER unit spotted the author of perspective password stealer Meduza has released a new version (2.2). The author behind Meduza distributed the following notification about the update on multiple underground communities and Telegram group: Attention!

Passwords 134

Passwords Authentication Data collection Privacy 134

Security Affairs

AUGUST 2, 2022

At the end of July, Microsoft Threat Intelligence Center (MSTIC) and the Microsoft Security Response Center (MSRC) researchers linked a threat group known as Knotweed to an Austrian surveillance firm named DSIRF, known for using multiple Windows and Adobe zero-day exploits. Follow me on Twitter: @securityaffairs and Facebook.

Security 97

Security IT Information Security 97

Security Affairs

MARCH 11, 2021

Norway parliament, the Storting, has suffered a new cyberattack, hackers stole data by exploiting recently disclosed Microsoft Exchange vulnerabilities. According to Microsoft , the Hafnium APT exploited these vulnerabilities in targeted attacks against US organizations. . “The Storting has again been hit by an IT attack.

Data breaches 109

Data breaches Access Security Government 109

Security Affairs

AUGUST 9, 2022

Microsoft Patch Tuesday security updates for August 2022 addressed a zero-day attack remote code execution vulnerability in Windows. Microsoft states that the issue is a variant of the Dogwalk vulnerability that was disclosed in June. An attacker can trigger the flaw by tricking the victims into opening specially crafted files.

Security 122

Security Cloud IT Information Security 122

Security Affairs

AUGUST 3, 2023

CISA, the NSA, and the FBI, in collaboration with cybersecurity authorities from Australia, Canada, New Zealand, and the United Kingdom, have published a list of the 12 most exploited vulnerabilities of 2022. CISA, the FBI, and NSA, along with Five Eyes cybersecurity agencies published a list of the 12 most exploited vulnerabilities of 2022.

Authentication 95

Authentication Cybersecurity Access Risk 95

Security Affairs

AUGUST 30, 2021

Cybersecurity and Infrastructure Security Agency (CISA) issued an alert urging enterprises to address the recently disclosed vulnerability in Microsoft Azure Cosmos DB. reads the post published by the security firm, Azure Cosmos Darabase is Microsoft’s globally-distributed multi-model database service.

Cloud 107

Cloud Access Cybersecurity Security 107

Security Affairs

NOVEMBER 23, 2021

Vxers are already attempting to use the proof-of-concept exploit code targeting a new Microsoft Windows Installer zero-day publicly disclosed on Sunday. Malware authors are already attempting to use the proof-of-concept exploit code targeting a new Microsoft Windows Installer zero-day publicly disclosed on Sunday.

Security 116

Security IT Cybersecurity Information Security 116

Thales Cloud Protection & Licensing

DECEMBER 7, 2022

Thales CipherTrust Data Security Platform Validated For Microsoft Azure Stack Hub and HCI. As security breaches continue with alarming regularity and compliance mandates become more pervasive, companies must discover and protect sensitive data across on premises, hybrid, and multi-cloud environments. Thu, 12/08/2022 - 07:05.

Security 93

Security Cloud Digital transformation Compliance 93

Krebs on Security

AUGUST 14, 2020

The company has access to a wealth of personal, financial and medical information on tens of millions of patients, including names, dates of birth, Social Security numbers, billing information and medical diagnostic data. According to Trend Micro , Defray usually is spread via booby-trapped Microsoft Office documents sent via email.

Ransomware 358

Ransomware Insurance Phishing IT 358

Security Affairs

APRIL 11, 2023

Microsoft has addressed a zero-day in the Windows Common Log File System (CLFS) actively exploited in ransomware attacks. Microsoft has addressed a zero-day vulnerability, tracked as CVE-2023-28252 , in the Windows Common Log File System (CLFS), which is actively exploited in ransomware attacks.

Ransomware 98

Ransomware Education Cybersecurity Security 98