Microsoft
87% of the ransomware found on the dark web has been delivered via malicious macros
Venafi announced the findings of a dark web investigation into ransomware spread via malicious macros. Conducted in partnership with criminal intelligence provider Forensic …
The most impersonated brand in phishing attacks? Microsoft
Vade announced its H1 2022 Phishers’ Favorites report, a ranking of the top 25 most impersonated brands in phishing attacks. Microsoft came in at #1 on the list, followed by …
Attackers are slowly abandoning malicious macros
Malicious macro-enabled documents as vehicles for email-based malware delivery are being used less and less, Proofpoint researchers have noticed. Threat actors are switching …
SafeGuard Cyber integrates with Okta and Azure AD to automate identity-based responses for enterprises
SafeGuard Cyber launched automated response and multi-channel user onboarding with Microsoft Azure AD and Okta integrations for its security and risk management platform. …
Infobip partners with Microsoft to enhance digital communications
Infobip enhances its collaboration with Microsoft by integrating its WhatsApp and SMS channels to help businesses to deepen customer relationships, increase loyalty and boost …
CommScope partners with Microsoft to help transform industrial manufacturing
CommScope announced that it has collaborated with Microsoft to create a converged private wireless network solution, enabling new low-latency and mobile applications to …
Avertium Fusion MXD strengthens threat defense intelligence for Microsoft Security customers
Avertium announced Fusion MXDR, a new service the security partner is providing for Microsoft Security customers. This threat-informed, managed extended detection and response …
Microsoft adds default protection against RDP brute-force attacks
“Win11 builds now have a DEFAULT account lockout policy to mitigate RDP and other brute force password vectors,” David Weston of Enterprise and OS Security at …
How to prepare your organization for a Slack or Office 365 breach
Whether it’s Slack or Office 365, communication and workflow apps are an essential tool for organizations to collaborate efficiently regardless of geography. However, using …
Phishers steal Office 365 users’ session cookies to bypass MFA, commit payment fraud
A massive phishing campaign has been targeting Office 365 (i.e., Microsoft 365) users in over 10,000 organizations since September 2021 and successfully bypassing multi-factor …
Microsoft fixes exploited zero-day in Windows CSRSS (CVE-2022-22047)
The July 2022 Patch Tuesday is upon us and has brought fixes for 84 CVEs in various Microsoft products, including an actively exploited zero-day: CVE-2022-22047, an elevation …
July 2022 Patch Tuesday forecast: A summertime lull?
June 2022 Patch Tuesday wrapped up a few loose ends we were waiting on. The Follina remote code execution vulnerability in the Microsoft Windows Support Diagnostic Tool (MSDT) …
Featured news
Resources
Don't miss
- Mastering the cybersecurity tightrope of protection, detection, and response
- PRevent: Open-source tool to detect malicious code in pull requests
- Darcula allows tech-illiterate crooks to create, deploy DIY phishing kits targeting any brand
- Hackers pose as employers to steal crypto, login credentials
- Unknown and unsecured: The risks of poor asset visibility