QakBot Malware Resurfaces with New Tactics, Targeting the Hospitality Industry

December 18, 2023 at 05:52AM A new wave of QakBot malware phishing targeting the hospitality industry was discovered by Microsoft. The phishing campaign began on December 11, 2023, distributing a PDF with a URL leading to an MSI file. Cisco Talos had previously noted QakBot affiliates using phishing to distribute ransomware and other malware. The …

Qbot malware returns in campaign targeting hospitality industry

December 17, 2023 at 04:44PM The QakBot malware, previously disrupted by law enforcement, has resurfaced in new phishing campaigns. Microsoft warns of email phishing attacks impersonating IRS employees, distributing QakBot via a malicious PDF file. The malware, initially a banking trojan, has evolved into a delivery service for ransomware attacks and data theft, using various …

Microsoft disrupts cybercrime gang behind 750 million fraudulent accounts

December 14, 2023 at 01:34PM Microsoft’s Digital Crimes Unit seized multiple domains used by a Vietnam-based cybercrime group, Storm-1152, which was involved in selling over 750 million fraudulent accounts. The group provided services to bypass various verification challenges and supplied accounts to other cybercriminal groups for use in ransomware and phishing attacks. Microsoft filed a …

Microsoft Disrupts Cybercrime Service That Created 750 Million Fraudulent Accounts

December 14, 2023 at 06:24AM Microsoft announced the dismantling of Storm-1152, a cybercrime-as-a-service network that generated 750 million fraudulent Microsoft accounts for phishing and other criminal activities. The illicit group made millions by selling these accounts and tools to other cybercrime groups, prompting Microsoft to seize their infrastructure and reveal the identities of key operators. …

Microsoft Takes Legal Action to Crack Down on Storm-1152’s Cybercrime Network

December 14, 2023 at 01:12AM Microsoft obtained a court order to seize infrastructure set up by cybercriminal group Storm-1152, which sold approximately 750 million fraudulent Microsoft accounts and tools to other criminal actors, netting millions of dollars. This cybercrime-as-a-service operation facilitated mass phishing, identity theft, DDoS attacks, ransomware, and fraud. The group was attributed to …

Microsoft seizes domains used to sell fraudulent Outlook accounts

December 13, 2023 at 06:47PM Microsoft’s Digital Crimes Unit seized domains used by Storm-1152, a Vietnam-based cybercrime group involved in selling millions of fraudulent accounts and tools to bypass identity verification. These accounts were used in various cybercrimes, resulting in substantial financial damages. Microsoft also took legal action against individuals linked to this operation, as …

Microsoft December 2023 Patch Tuesday fixes 34 flaws, 1 zero-day

December 12, 2023 at 02:02PM Today’s December 2023 Patch Tuesday from Microsoft addresses 34 flaws, including an unpatched vulnerability in AMD CPUs. Notably, it resolves a public zero-day AMD bug and includes a total of 8 fixes for Microsoft Edge flaws. Additionally, updates from other vendors in December are detailed, along with a list of …

Sandman Cyberespionage Group Linked to China

December 12, 2023 at 08:48AM Sandman, an APT actor recently identified, is linked to China, as per a report by SentinelOne, Microsoft, and PwC. Their sophisticated modular backdoor, LuaDream, was highlighted in attacks on telecom providers in the Middle East, Europe, and South Asia. The report links Sandman to China-based threat actor STORM-0866/Red Dev 40 …

Microsoft deprecates Defender Application Guard for Office

November 27, 2023 at 04:02PM Microsoft is deprecating Defender Application Guard for Office and Windows Security Isolation APIs. They recommend using Defender for Endpoint attack surface reduction rules, Protected View, and Windows Defender Application Control as alternatives. Application Guard for Office is a security feature that restricts files downloaded from untrusted sources, protecting against malware …