Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks

November 29, 2024 at 05:33AM Microsoft addressed four security vulnerabilities in its AI and cloud offerings, including a critical privilege escalation flaw (CVE-2024-49035) exploited in the wild. Other flaws include XSS and authentication issues in various products. While most have been mitigated, users are advised to update Dynamics 365 Sales apps for security.

Security? We’ve heard of it: How Microsoft plans to better defend Windows

November 25, 2024 at 02:24PM Microsoft emphasized its commitment to cybersecurity during discussions about its Secure Future Initiative, highlighting the Windows Resiliency Initiative. In response to past security incidents, the company aims to enhance app permissions, improve identity protection, and introduce features like Quick Machine Recovery, aiming for safer updates and reduced vulnerabilities by July …

Microsoft Highlights Security Exposure Management at Ignite

November 22, 2024 at 08:43AM Microsoft has launched its Security Exposure Management offering, adding continuous threat exposure management (CTEM) to its security portfolio. This proactive approach aims to reduce breaches and improve vulnerability detection. It integrates with Microsoft 365 licenses, supports third-party tools, and provides a comprehensive view of organizational security postures.

Microsoft Power Pages misconfigurations exposing sensitive data

November 15, 2024 at 01:39AM Misconfigured Microsoft Power Pages websites are exposing sensitive data of millions, including personally identifiable information (PII), due to lax access controls. Aaron Costello of AppOmni highlights significant leaks, such as one affecting 1.1 million NHS employees. Organizations must enhance security measures for external-facing sites to prevent data breaches.

Revamped Remcos RAT Deployed Against Microsoft Windows Users

November 11, 2024 at 04:49PM Threat actors are using a modified Remcos RAT to exploit a Microsoft Windows vulnerability via phishing emails. The malware utilizes multiple scripting languages to evade detection and installs itself through a complex process. Experts emphasize the need for patch management, employee training, and endpoint protection as critical defenses against such …

Microsoft: Chinese hackers use Quad7 botnet to steal credentials

October 31, 2024 at 04:10PM Microsoft has reported that Chinese threat actors utilize the Quad7 botnet, composed of hacked SOHO routers, for password-spray attacks to steal credentials. The botnet employs custom malware for remote access and evades detection using a SOCKS5 proxy. Once credentials are obtained, networks are compromised to exfiltrate data.

Russian spies use remote desktop protocol files in unusual mass phishing drive

October 30, 2024 at 08:48AM Microsoft reports a two-week mass phishing campaign by Russia’s SVR, targeting over 100 organizations through novel techniques, including remote desktop protocol (RDP) configuration files. The campaign, which began on October 22, impersonates Microsoft and other providers, primarily affecting entities in the UK, Europe, Australia, and Japan.

Microsoft creates fake Azure tenants to pull phishers into honeypots

October 19, 2024 at 10:41AM Microsoft is employing deceptive strategies against phishing by using realistic honeypot tenants to attract cybercriminals. This approach enables the collection of intelligence on attackers’ methods, facilitating infrastructure mapping, campaign disruption, and prolonged deception. Presented by Ross Bevington at BSides Exeter, it aims to enhance security and understanding of threat actors.

In Other News: China Making Big Claims, ConfusedPilot AI Attack, Microsoft Security Log Issues

October 18, 2024 at 08:47AM China claims to have made advances in encryption cracking and identifying Intel backdoors. Additionally, there are reports on the ConfusedPilot AI attack and Microsoft losing security logs, highlighting significant cybersecurity concerns.

Microsoft Issues Security Update Fixing 118 Flaws, Two Actively Exploited in the Wild

October 9, 2024 at 03:27AM Microsoft has issued security updates for 118 vulnerabilities, including two under active exploitation. Key vulnerabilities include CVE-2024-43572 and CVE-2024-43573, both related to remote code execution and spoofing. The U.S. CISA has added these to its catalog, mandating fixes by October 29, 2024.