Energy Sector Phish Swims Past Microsoft Email Security via Google Drive
The savvy technique of avoiding malicious links in the email allowed the phishing attack to reach its targets.
Source: Threat Post –
[...]
microsoft
Microsoft Patches Wormable RCE Vulns in Remote Desktop Services
Similar to the now-patched ‘BlueKeep’ vulnerability, two flaws fixed today could let malware spread across vulnerable computers.
Source: Dark Reading – Threat
[...]
Phishing Attacks Enlist Amazon AWS, Microsoft Azure in Ploys
An ongoing campaign is hosting its phishing landing pages on enterprise-class public cloud storage services — a nascent trend meant to throw defenders
[...]
Microsoft Contractors are Listening some Personal Conversations of Skype Calls and Cortana Commands
Microsoft contractors manually listening to the personal conversation of Skype users and Cortana commands according to Motherboard report. The conversation conducted through app’s
[...]
Microsoft Launches Azure Security Lab, Bounty Reward for Researchers up to $40,000
Microsoft launched Azure Security Lab, a set of dedicated cloud hosts for researchers to confidently and aggressively test Azure vulnerabilities. Azure is a
[...]
Microsoft Opens Azure Security Lab, Raises Top Azure Bounty to $40K
Microsoft has invited security experts to ‘come and do their worst’ to mimic cybercriminals in the Azure Security Lab.
Source: Dark Reading
[...]
How Cybercriminals Break into the Microsoft Cloud
Microsoft and Trimarc researchers explore the most common attacks against the cloud and effective defenses and mitigation.
Source: Dark Reading – Threat
[...]
Vuln: Microsoft Windows 'OleCreateFontIndirectExt' Out of Bounds Read Information Disclosure Vulnerability
Microsoft Windows ‘OleCreateFontIndirectExt’ Out of Bounds Read Information Disclosure Vulnerability
Source: Security Focus – Vuln: Microsoft Windows ‘OleCreateFontIndirectExt’ Out of Bounds Read
[...]
Why Microsoft’s BlueKeep Bug Hasn’t Wreaked Havoc—Yet
Microsoft’s critical vulnerability remains unpatched in hundreds of thousands of computers, and may already be exploited in secret.
Source: Wired – Why
[...]
Microsoft going for Passwordless login for Windows 10 – bye! bye! for Passwords
Microsoft released Windows 10 Insider Preview Build (20H1) to Windows Insiders in the Fast ring that includes the support for passwordless authentication and
[...]