Microsoft started the year with a massive vulnerability fix, releasing not only its regular first-Tuesday update, which this time covers a total of 96 vulnerabilities, but also issuing a bunch of fixes for the Microsoft Edge browser (mainly related to the Chromium engine). That makes more than 120 vulnerabilities patched since the beginning of the year. This is a clear reason … [Read more...] about Microsoft patches about 100 vulnerabilities, 9 of them critical
microsoft
noPac Exploit: Microsoft AD Flaw May Lead to Total Domain Compromise
What Happened? Microsoft recently published two critical CVEs related to Active Directory (CVE-2021-42278 and CVE-2021-42287), which when combined by a malicious actor could lead to privilege escalation with a direct path to a compromised domain. In mid-December 2021, a public exploit that combined these two Microsoft Active Directory design flaws (referred also as “noPac”) … [Read more...] about noPac Exploit: Microsoft AD Flaw May Lead to Total Domain Compromise
U.S., U.K. and Australia Warn of Iranian Hackers Exploiting Microsoft, Fortinet Flaws
Cybersecurity agencies from Australia, the U.K., and the U.S. on Wednesday released a joint advisory warning of active exploitation of Fortinet and Microsoft Exchange ProxyShell vulnerabilities by Iranian state-sponsored actors to gain initial access to vulnerable systems for follow-on activities, including data exfiltration and ransomware. The threat actor is believed to have … [Read more...] about U.S., U.K. and Australia Warn of Iranian Hackers Exploiting Microsoft, Fortinet Flaws
Cisco Secure Firewall to Support Microsoft Azure Gateway Load Balancer
Microsoft’s recent announcement of its upcoming Azure Gateway Load Balancer is great news for organizations requiring rapidly scalable firewalls with high availability in public cloud. Cisco has partnered with Microsoft and will be supporting Cisco Secure Firewall with Azure Gateway Load Balancer. The Gateway Load Balancer makes rapid scaling of security services with highly … [Read more...] about Cisco Secure Firewall to Support Microsoft Azure Gateway Load Balancer
A Guide to Shift Away from Legacy Authentication Protocols in Microsoft 365
Microsoft 365 (M365), formerly called Office 365 (O365), is Microsoft's cloud strategy flagship product with major changes ahead, such as the deprecation of their legacy authentication protocols. Often stored on or saved to the device, Basic Authentication protocols rely on sending usernames and passwords with every request, increasing the risk of attackers capturing users' … [Read more...] about A Guide to Shift Away from Legacy Authentication Protocols in Microsoft 365
Microsoft Warns of TodayZoo Phishing Kit Used in Extensive Credential Stealing Attacks
Microsoft on Thursday disclosed an "extensive series of credential phishing campaigns" that takes advantage of a custom phishing kit that stitched together components from at least five different widely circulated ones with the goal of siphoning user login information. The tech giant's Microsoft 365 Defender Threat Intelligence Team, which detected the first instances of the … [Read more...] about Microsoft Warns of TodayZoo Phishing Kit Used in Extensive Credential Stealing Attacks
Microsoft Exchange Bug Exposes ~100,000 Windows Domain Credentials
An unpatched design flaw in the implementation of Microsoft Exchange's Autodiscover protocol has resulted in the leak of approximately 100,000 login names and passwords for Windows domains worldwide. "This is a severe security issue, since if an attacker can control such domains or has the ability to 'sniff' traffic in the same network, they can capture domain credentials in … [Read more...] about Microsoft Exchange Bug Exposes ~100,000 Windows Domain Credentials
Microsoft Warns of a Wide-Scale Phishing-as-a-Service Operation
Microsoft has opened the lid on a large-scale phishing-as-a-service (PHaaS) operation that's involved in selling phishing kits and email templates as well as providing hosting and automated services at a low cost, thus enabling cyber actors to purchase phishing campaigns and deploy them with minimal efforts. "With over 100 available phishing templates that mimic known brands … [Read more...] about Microsoft Warns of a Wide-Scale Phishing-as-a-Service Operation
Critical Flaws Discovered in Azure App That Microsoft Secretly Installs on Linux VMs
Microsoft on Tuesday addressed a quartet of security flaws as part of its Patch Tuesday updates that could be abused by adversaries to target Azure cloud customers and elevate privileges as well as allow for remote takeover of vulnerable systems. The list of flaws, collectively called OMIGOD by researchers from Wiz, affect a little-known software agent called Open Management … [Read more...] about Critical Flaws Discovered in Azure App That Microsoft Secretly Installs on Linux VMs
Microsoft Says Chinese Hackers Were Behind SolarWinds Serv-U SSH 0-Day Attack
Microsoft has shared technical details about a now-fixed, actively exploited critical security vulnerability affecting SolarWinds Serv-U managed file transfer service that it has attributed with "high confidence" to a threat actor operating out of China. In mid-July, the Texas-based company remedied a remote code execution flaw (CVE-2021-35211) that was rooted in Serv-U's … [Read more...] about Microsoft Says Chinese Hackers Were Behind SolarWinds Serv-U SSH 0-Day Attack