Microsoft
Cybercrime operation that sold millions of fraudulent Microsoft accounts disrupted
Microsoft disrupted an alleged threat actor group that built viable cybercrime-as-a-service (CaaS) businesses. Dubbed Storm-1152 by Microsoft, the group bilked enterprises and …
Microsoft ICSpector: A leap forward in industrial PLC metadata analysis
Microsoft ICSpector is an open-source forensics framework that enables the analysis of industrial PLC metadata and project files. Architecture The framework provides …
Veeam adds BaaS capabilities for Veeam Backup for Microsoft 365
Veeam Software has expanded its relationship with Microsoft. Veeam is making it easier for customers to protect Microsoft 365 with Cirrus by Veeam which brings the ease and …
Attackers abuse OAuth apps to initiate large-scale cryptomining and spam campaigns
Attackers are compromising high-privilege Microsoft accounts and abusing OAuth applications to launch a variety of financially-motivated attacks. Abusing OAuth applications …
December 2023 Patch Tuesday: 33 fixes to wind the year down
Microsoft’s December 2023 Patch Tuesday is a light one: 33 patches, only four of which are deemed critical. “This month, Microsoft did not patch any zero-day …
“Pool Party” process injection techniques evade EDRs
SafeBreach researchers have discovered eight new process injection techniques that can be used to covertly execute malicious code on Windows systems. Dubbed “Pool …
December 2023 Patch Tuesday forecast: ‘Tis the season for vigilance
UPDATE: December 12, 12:12 PM PT – The news is live: December 2023 Patch Tuesday: 33 fixes to wind the year down The final Patch Tuesday of the year is almost upon us! …
Lenovo and Microsoft join forces to simplify security deployments
Lenovo and Microsoft are working together to help organizations operate more securely across their devices, users, apps, data, networks, and cloud services through a …
Russian hackers use old Outlook vulnerability to target Polish orgs (CVE-2023-23397)
Russian state-backed hacking group Forest Blizzard (aka Fancy Bear, aka APT28) has been using a known Microsoft Outlook vulnerability (CVE-2023-23397) to target public and …
Microsoft announces Defender bug bounty program
Microsoft has announced a new bug bounty program aimed at unearthing vulnerabilities in Defender-related products and services, and is offering participants the possibility to …
42Crunch and Microsoft partner for streamlined API security governance
42Crunch has unveiled the integration of 42Crunch’s API security audit and vulnerability testing solution with Microsoft Defender for Cloud to provide Microsoft customers …
Cohesity expands partnership with Microsoft to improve data restore capabilities for organizations
Cohesity announced it has deepened its relationship with Microsoft to help organizations more quickly respond to and recover from data loss within Microsoft 365 environments. …
Featured news
Sponsored
Don't miss
- Researchers reveal exploitable flaws in corporate VPN clients
- Black Friday shoppers targeted with thousands of fraudulent online stores
- RomCom hackers chained Firefox and Windows zero-days to deliver backdoor
- How to recognize employment fraud before it becomes a security issue
- Practical strategies to build an inclusive culture in cybersecurity