A group of Israeli researchers exploring the limits of VSCode security have managed to "infect" over 100 organizations with a typosquatting Dracula extension that was weaponized with risky code. [...]
...moreSummary
Total Articles Found: 18
Top sources:
Top Keywords:
- Microsoft: 18
- Security: 10
- Software: 3
- vulnerability: 2
- Breaking News: 2
Top Authors
- Lawrence Abrams: 5
- Sergiu Gatlan: 3
- Bill Toulas: 2
- Pierluigi Paganini: 2
- Mayank Parmar: 2
Top Articles:
- New DFSCoerce NTLM Relay attack allows Windows domain takeover
- Two zero days and 15 critical flaws fixed in July’s Patch Tuesday
- Adobe is telling Windows 10 users to uninstall Flash Player
- Microsoft Teams outage also takes down Microsoft 365 services
- Microsoft Copilot fixed worldwide after 24 hour outage
- New PetitPotam attack allows take over of Windows domains
- Microsoft: DPRK hackers 'likely' hit researchers with Chrome exploit
- Malicious VSCode extensions with 229M installs found on Microsoft marketplace
- AI-Powered Malware Bypasses All Known Antivirus Solutions, Researchers Warn
- Windows Zerologon PoC exploits allow domain takeover. Patch Now!
Malicious VSCode extensions with 229M installs found on Microsoft marketplace
LLM Says: ""Extension Nightmare""
Microsoft Executives Hacked
Published: 2024-01-29 12:03:42
Popularity: 12
Author: Bruce Schneier
Keywords:
Microsoft is reporting that a Russian intelligence agency—the same one responsible for SolarWinds—accessed the email system of the company’s executives. Beginning in late November 2023, the threat actor used a password spray attack to compromise a legacy non-production test tenant account and gain a foothold, and then used the account’s permissions to access a very small percentage of Microsoft corporate email accounts, including members of our senior leadership team and employees in our cybersecurity, legal, and other functions, and exfiltrated some emails and attached documents. The investigation indicates they were initially targeting email accounts for information related to Midnight Blizzard itself. ...
...moreMicrosoft confirms new Exchange zero-days are used in attacks
Microsoft has confirmed that two recently reported zero-day vulnerabilities in Microsoft Exchange Server 2013, 2016, and 2019 are being exploited in the wild. [...]
...moreTikTok vulnerability could have allowed hijackers to take over accounts
Published: 2022-09-01 12:00:00
Popularity: 18
Author: None
Keywords:
LLM Says: "TikTok hijacked"
Categories: News Tags: Exploit Tags: vulnerability Tags: Tik-Tok Tags: Microsoft Tags: JavaScript We take a look at a TikTok exploit discovered by Microsoft and passed on to the social media giant to have fixed. (Read more...) The post TikTok vulnerability could have allowed hijackers to take over accounts appeared first on Malwarebytes Labs.
...moreMicrosoft starts blocking Office macros by default, once again
Microsoft announced today that it resumed the rollout of VBA macro auto-blocking in downloaded Office documents after temporarily rolling it back earlier this month following user feedback. [...]
...moreMicrosoft Teams outage also takes down Microsoft 365 services
What initially started like a minor Microsoft Teams outage has also taken down multiple Microsoft 365 services with Teams integration, including Exchange Online, Windows 365, and Office Online. [...]
...moreNew DFSCoerce NTLM Relay attack allows Windows domain takeover
A new Windows NTLM relay attack called DFSCoerce has been discovered that uses MS-DFSNM, Microsoft's Distributed File System, to completely take over a Windows domain. [...]
...moreLapsus$ extortion gang leaked the source code for some Microsoft projects
Published: 2022-03-22 09:56:53
Popularity: 16
Author: Pierluigi Paganini
Keywords:
The Lapsus$ extortion group claims to have hacked Microsoft ‘s internal Azure DevOps server and leaked the source code for some projects. Microsoft recently announced that is investigating claims that the Lapsus$ cybercrime gang breached their internal Azure DevOps source code repositories and stolen data. On Sunday, the Lapsus$ gang announced to have compromised Microsoft’s Azure DevOps […] The post Lapsus$ extortion gang leaked the source code for some Microsoft projects appeared first on Security Affairs.
...moreNew PetitPotam attack allows take over of Windows domains
A new NTLM relay attack called PetitPotam has been discovered that allows threat actors to take over a domain controller, and thus an entire Windows domain. [...]
...moreExperts bypassed Microsoft’s emergency patch for the PrintNightmare
Published: 2021-07-08 07:34:54
Popularity: 11
Author: Pierluigi Paganini
Keywords:
The emergency patch for the PrintNightmare vulnerability released by Microsoft is incomplete and still allows RCE. Yesterday, Microsoft has released an out-of-band KB5004945 security update to address the PrintNightmare vulnerability, unfortunately, the patch is incomplete and still allows remote code execution. Researchers have demonstrated that it is possible to bypass the emergency patch to achieve remote code execution […] The post Experts bypassed Microsoft’s emergency patch for the PrintNightmare appeared first on Security Affairs.
...moreMicrosoft: DPRK hackers 'likely' hit researchers with Chrome exploit
Today, Microsoft disclosed that they have also been monitoring the targeted attacks against vulnerability researchers for months and have attributed the attacks to a DPRK group named 'Zinc.' [...]
...moreSkype is down worldwide - Microsoft working on issues
Skype users are currently experiencing issues around the world, with users reporting that they are getting signed out of their Skype account and company accounts automatically. [...]
...moreAdobe is telling Windows 10 users to uninstall Flash Player
Published: 2020-12-30 22:35:33
Popularity: 694
Author: Lawrence Abrams
Keywords:
With the Flash Player officially reaching the end of life tomorrow, Adobe has started to display alerts on Windows computers recommending that users uninstall Flash Player. [...]
...moreWindows Zerologon PoC exploits allow domain takeover. Patch Now!
Researchers have released exploits for the Windows Zerologon CVE-2020-1472 vulnerability that allow an attacker to take control of a Windows domain. Install patches now! [...]
...moreTwo zero days and 15 critical flaws fixed in July’s Patch Tuesday
Published: 2019-07-10 11:08:05
Popularity: 731
Author: John E Dunn
Keywords:
Patch Tuesday July 2019 offers fixes for a total of 77 vulnerabilities, including 15 marked critical, rounded out by two zero-day flaws.
...moreUnpatched Windows Bug Allows Attackers to Spoof Security Dialog Boxes
Published: 2019-03-12 15:09:12
Popularity: 92
Author: Tara Seals
Keywords:
Microsoft won't be patching the bug, but a proof of concept shows the potential for successful malware implantation.
...moreMicrosoft Copilot fixed worldwide after 24 hour outage
LLM Says: ""AI back online""
After over a 24-hour outage, Microsoft's Bing, Copilot, and Copilot in Windows services are back online worldwide, with no information released as to what caused the problem. [...]
...moreAI-Powered Malware Bypasses All Known Antivirus Solutions, Researchers Warn
LLM Says: ""AI UhOh""
Researchers have discovered "MalVAI," an AI-powered malware that can bypass all known antivirus solutions by constantly adapting its behavior and code to evade detection. This new threat highlights the obsolescence of traditional cybersecurity methods, prompting an urgent need for AI-driven defense mechanisms. Experts emphasize the necessity for the cybersecurity industry to innovate and develop dynamic solutions capable of evolving alongside sophisticated AI-driven attacks.
...more