April 24, 2024 at 11:24AM Microsoft has introduced Start menu ads in the optional KB5036980 preview update for Windows 11, aiming to showcase apps from the Microsoft Store. It follows recent improvements to the Start menu and can be disabled in settings. This update allows Windows admins to test upcoming fixes and features, but does … Read more
April 24, 2024 at 09:15AM The US cybersecurity agency CISA has added a two-year-old Windows Print Spooler flaw, CVE-2022-38028, to its Known Exploited Vulnerabilities catalog due to exploitation by APT28. Federal agencies are required to address this vulnerability within three weeks, while all organizations are urged to perform vulnerability assessments and apply the available patches … Read more
April 23, 2024 at 03:58PM Microsoft released hotfix updates to address known issues affecting Exchange servers post installing the March 2024 security updates. The optional April 2024 HU adds support for ECC certificates and Hybrid Modern Authentication (HMA) for OWA/ECP. Redmond fixed issues in Outlook on the Web (OWA) and Microsoft Word document previews. Both … Read more
April 23, 2024 at 10:13AM APT28, a Russia-linked cyberespionage group, utilized Windows Print Spooler vulnerabilities to deploy GooseEgg, a custom post-exploitation tool targeting organizations in the US, Ukraine, and Western Europe. The tool can grant attackers elevated privileges, enabling activities such as remote code execution and backdoor deployment. Microsoft advises applying security updates and disabling … Read more
April 23, 2024 at 01:27AM APT28, also known as Fancy Bear and Forest Blizzard, perpetrated cyber attacks using GooseEgg malware exploiting a Windows Print Spooler flaw, targeting organizations in Ukraine, Western Europe, and North America. The group, affiliated with Russia’s military intelligence agency, has a history of using public exploits for intelligence gathering. IBM X-Force … Read more
April 22, 2024 at 01:25PM Microsoft warns of the Russian APT28’s GooseEgg tool exploiting Windows Print Spooler vulnerability to escalate privileges and steal data. The group, linked to Russia’s GRU, deploys GooseEgg using Windows batch scripts, dropping a malicious DLL to gain SYSTEM-level access. GooseEgg has been used in cyber attacks against various government and … Read more
April 17, 2024 at 10:04AM WithSecure’s report reveals the discovery of the new Kapeka backdoor, linked to Russian APT group Sandworm, targeting Eastern Europe since 2022. Microsoft identifies it as KnuckleTouch, describing its involvement in ransomware campaigns and multifunctional capabilities. The backdoor’s advanced features indicate APT-level activity, showing conceptual overlaps with GreyEnergy and Prestige. Based … Read more
April 17, 2024 at 08:17AM Microsoft added the Copilot app via recent Edge updates to Windows devices without permission, causing concerns. The app does not collect or transmit data and is intended for future Windows Copilot enablement. However, it erroneously appears as installed. Microsoft plans to resolve the issue and is testing ads in the … Read more
April 15, 2024 at 03:17PM Microsoft is combating spam by implementing a daily Exchange Online bulk email limit of 2,000 external recipients from January 2025. This aims to prevent resource abuse and unfair usage. The limit will be phased in and existing tenants may need to switch to Azure Communication Services for Email. Google has … Read more
April 15, 2024 at 10:12AM Microsoft announced AI Access Principles to guide its conduct in the AI economy amidst criticism. The principles aim to promote competition and innovation. However, concerns arise from past actions, such as creating a “walled garden” around OpenAI and discriminatory practices. Recommendations include revoking exclusivity agreements and eliminating upcharges to foster … Read more