Microsoft creates fake Azure tenants to pull phishers into honeypots

October 19, 2024 at 10:41AM Microsoft is employing deceptive strategies against phishing by using realistic honeypot tenants to attract cybercriminals. This approach enables the collection of intelligence on attackers’ methods, facilitating infrastructure mapping, campaign disruption, and prolonged deception. Presented by Ross Bevington at BSides Exeter, it aims to enhance security and understanding of threat actors. …

In Other News: China Making Big Claims, ConfusedPilot AI Attack, Microsoft Security Log Issues

October 18, 2024 at 08:47AM China claims to have made advances in encryption cracking and identifying Intel backdoors. Additionally, there are reports on the ConfusedPilot AI attack and Microsoft losing security logs, highlighting significant cybersecurity concerns. **Meeting Takeaways:** 1. **China’s Claims**: There are significant developments regarding China’s assertions about their capabilities in encryption cracking and …

Microsoft Issues Security Update Fixing 118 Flaws, Two Actively Exploited in the Wild

October 9, 2024 at 03:27AM Microsoft has issued security updates for 118 vulnerabilities, including two under active exploitation. Key vulnerabilities include CVE-2024-43572, a remote code execution flaw, and CVE-2024-43573, a spoofing flaw. The U.S. CISA has added these to its catalog, mandating fixes by October 29, 2024. ### Meeting Takeaways – Microsoft Security Updates (Oct …

5 CVEs in Microsoft’s October Update to Patch Immediately

October 8, 2024 at 05:52PM Microsoft’s October security update addressed 117 vulnerabilities, ranking as the third largest release this year. Of these, two actively exploited flaws require immediate attention. One, CVE-2024-43573, is a spoofing vulnerability in MSHTML, while the other, CVE-2024-43572, is a remote code execution (RCE) flaw in Microsoft Management Console. Three publicly known …

Microsoft Releases October 2024 Security Updates

October 8, 2024 at 03:29PM Microsoft released security updates to address vulnerabilities in multiple products. CISA advises users and administrators to review and apply necessary updates from the Microsoft Security Update Guide for October to mitigate potential cyber threats. Based on the meeting notes, the key takeaway is that Microsoft has released security updates to …

Novel Exploit Chain Enables Windows UAC Bypass

September 27, 2024 at 03:44PM Researchers have identified a medium-severity vulnerability in Windows, labeled as CVE-2024-6769, which could enable an authenticated attacker to gain full system privileges. Fortra’s proof-of-concept exploit showcases the capability to shut down the system and manipulate critical files, despite Microsoft’s stance that it falls under acceptable security boundaries. The vulnerability allows …

Microsoft: Windows Recall now can be removed, is more secure

September 27, 2024 at 02:01PM Microsoft has upgraded its AI-powered Windows Recall feature to enhance security and privacy. The feature, always opt-in, encrypts and filters sensitive content. It now offers stronger default protection for user data, isolation of services, and intentional use, assuring users complete control over their data. Recall will be available for preview …

Embargo ransomware escalates attacks to cloud environments

September 27, 2024 at 11:11AM Microsoft warns that the ransomware threat actor Storm-0501 is now targeting hybrid cloud environments and has expanded its tactics to compromise all victim assets. The group has targeted various organizations in the United States and uses various methods to gain access, move laterally, steal data, and deploy the Embargo ransomware. …

Microsoft Names Deputy CISOs, Governance Council to Manage Security Push 

September 24, 2024 at 11:54AM Microsoft’s Secure Future Initiative (SFI) is materializing with the establishment of a Cybersecurity Governance Council steered by CISO Igor Tsyganskiy. This council, overseeing a vast cybersecurity engineering effort, appoints Deputy CISOs for specific domains. SFI aims to embed security as a core priority for all Microsoft employees, paired with senior …

Microsoft Trims Cloud Cyberattack Surface in Security Push

September 23, 2024 at 05:51PM Microsoft’s Secure Future Initiative (SFI) aims to enhance security by eliminating 730,000 unused apps and 5.75 million inactive cloud tenants, and by deploying 15,000 secure devices. Video-based identity verification for most production staff and updated processes further strengthen security. The initiative also focuses on reducing attack surface, enhancing authentication mechanisms, and improving …