Cyberveilleby Decio
Nuage de tags
Mur d'images
Quotidien
Flux RSS
  • Flux RSS
  • Daily Feed
  • Weekly Feed
  • Monthly Feed
Filtres

Liens par page

  • 20 links
  • 50 links
  • 100 links

Filtres

Untagged links
page 1 / 3
48 résultats taggé Microsoft  ✕
Iran responsible for Charlie Hebdo attacks https://www.microsoft.com/en-us/security/business/security-insider/uncategorized/iran-responsible-for-charlie-hebdo-attacks/
06/02/2023 19:44:22
QRCode
archive.org
thumbnail

Today, Microsoft’s Digital Threat Analysis Center (DTAC) is attributing a recent influence operation targeting the satirical French magazine Charlie Hebdo

microsoft DTAC EN 2023 attribution Iran influence France CharlieHebdo EmennetPasargad
No Macro? No Worries. VSTO Being Weaponized by Threat Actors https://www.deepinstinct.com/blog/no-macro-no-worries-vsto-being-weaponized-by-threat-actors
06/02/2023 18:54:47
QRCode
archive.org
thumbnail

A software development toolset, VSTO is available in Microsoft’s Visual Studio IDE. It enables Office Add-In’s (a type of Office application extension) to be developed in .NET and also allows for Office documents to be created that will deliver and execute these Add-In’s.

deepinstinct EN 2023 Weaponized VSTO Microsoft VisualStudio IDE Add-In
Qakbot's Evolution Continues with New Strategies https://blog.cyble.com/2023/02/01/qakbots-evolution-continues-with-new-strategies/
01/02/2023 21:48:20
QRCode
archive.org
thumbnail

Cyble Research & Intelligence Labs analyzes new strategies deployed by Qakbot to infect users via Microsoft OneNote.

Cyble EN 2023 Qakbot Microsoft OneNote
Threat groups are using Windows LNK files to gain access https://www.theregister.com/2023/01/23/threat_groups_malicious_lnk/
24/01/2023 06:04:45
QRCode
archive.org
thumbnail

Microsoft's move last year to block macros by default in Office applications is forcing miscreants to find other tools with which to launch cyberattacks, including the software vendor's LNK files – the shortcuts Windows uses to point to other files.

theregister EN 2023 LNK macros Microsoft Windows threat
ZINC weaponizing open-source software - Microsoft Security Blog https://www.microsoft.com/en-us/security/blog/2022/09/29/zinc-weaponizing-open-source-software/
28/12/2022 11:39:07
QRCode
archive.org
thumbnail

In recent months, Microsoft has detected a wide range of social engineering campaigns using weaponized legitimate open-source software by an actor we track as ZINC. Microsoft Threat Intelligence Center (MSTIC) observed activity targeting employees in organizations across multiple industries including media, defense and aerospace, and IT services in the US, UK, India, and Russia. Based on the observed tradecraft, infrastructure, tooling, and account affiliations, MSTIC attributes this campaign with high confidence to ZINC, a state-sponsored group based out of North Korea with objectives focused on espionage, data theft, financial gain, and network destruction.

microsoft EN 2022 Microsoft weaponized ZINC open-source MSTIC apt North-Korea
Microsoft-signed malicious Windows drivers used in ransomware attacks https://www.bleepingcomputer.com/news/microsoft/microsoft-signed-malicious-windows-drivers-used-in-ransomware-attacks/
14/12/2022 10:19:13
QRCode
archive.org
thumbnail

Microsoft has revoked several Chardware developer accounts after drivers signed through their profiles were used in cyberattacks, including ransomware incidents.

bleepingcomputer EN 2022 Microsoft-signed Microsoft cyberattacks drivers
Preparing for a Russian cyber offensive against Ukraine this winter https://blogs.microsoft.com/on-the-issues/2022/12/03/preparing-russian-cyber-offensive-ukraine/
03/12/2022 20:22:37
QRCode
archive.org
thumbnail

As we report more fully below, in the wake of Russian battlefield losses to Ukraine this fall, Moscow has intensified its multi-pronged hybrid technology approach to pressure the sources of Kyiv’s military and political support, domestic and foreign. This approach has included destructive missile and cyber strikes on civilian infrastructure in Ukraine, cyberattacks on Ukrainian and now foreign-based supply chains, and cyber-enabled influence operations[1]—intended to undermine US, EU, and NATO political support for Ukraine, and to shake the confidence and determination of Ukrainian citizens.

Microsoft EN 2022 iridium russia-ukraine-war Russia cyberoffensive analysis winter
Nation-state cyberattacks become more brazen as authoritarian leaders ramp up aggression https://blogs.microsoft.com/on-the-issues/2022/11/04/microsoft-digital-defense-report-2022-ukraine/
08/11/2022 08:37:21
QRCode
archive.org
thumbnail

On February 23, 2022, the cybersecurity world entered a new age, the age of the hybrid war, as Russia launched both physical and digital attacks against Ukraine. This year’s Microsoft Digital Defense Report provides new detail on these attacks and on increasing cyber aggression coming from authoritarian leaders around the world.

microsoft EN 2022 report authoritarian leaders defense
Raspberry Robin worm part of larger ecosystem facilitating pre-ransomware activity https://www.microsoft.com/en-us/security/blog/2022/10/27/raspberry-robin-worm-part-of-larger-ecosystem-facilitating-pre-ransomware-activity/
28/10/2022 09:01:26
QRCode
archive.org

Microsoft has discovered recent activity indicating that the Raspberry Robin worm is part of a complex and interconnected malware ecosystem, with links to other malware families and alternate infection methods beyond its original USB drive spread.

microsoft EN 2022 Raspberry-Robin malware ecosystem FakeUpdates DEV-0651
Exploited Windows zero-day lets JavaScript files bypass security warnings https://www.bleepingcomputer.com/news/security/exploited-windows-zero-day-lets-javascript-files-bypass-security-warnings/
22/10/2022 18:46:55
QRCode
archive.org
thumbnail

A new Windows zero-day allows threat actors to use malicious JavaScript files to bypass Mark-of-the-Web security warnings. Threat actors are already seen using the zero-day bug in ransomware attacks.

bleepingcomputer EN 2022 JavaScript Mark-of-the-Web Microsoft Ransomware Windows-10 Windows-11
New “Prestige” ransomware impacts organizations in Ukraine and Poland https://www.microsoft.com/security/blog/2022/10/14/new-prestige-ransomware-impacts-organizations-in-ukraine-and-poland/
14/10/2022 21:21:48
QRCode
archive.org
thumbnail

The Microsoft Threat Intelligence Center (MSTIC) has identified evidence of a novel ransomware campaign targeting organizations in the logistics and transportation industry in Ukraine and Poland utilizing a previously unidentified ransomware payload.

microsoft EN 2022 MSTIC Ukraine Poland ransomware payload Prestige
ZINC weaponizing open-source software https://www.microsoft.com/security/blog/2022/09/29/zinc-weaponizing-open-source-software/
29/09/2022 18:15:19
QRCode
archive.org
thumbnail

In recent months, Microsoft detected weaponization of legitimate open-source software by an actor the Microsoft Threat Intelligence Center (MSTIC) tracks as ZINC, targeting employees at media, defense and aerospace, and IT service provider organizations in the US, UK, India, and Russia.

microsoft EN 2022 ZINC open-source software MSTIC aerospace weaponizing
Slack’s and Teams’ Lax App Security Raises Alarms https://www.wired.com/story/slack-microsoft-teams-app-security/
27/09/2022 07:51:57
QRCode
archive.org
thumbnail

New research shows how third-party apps could be exploited to infiltrate these sensitive workplace tools.

wired EN 2022 Microsoft Teams Slack third-party app research
Microsoft Issues Out-of-Band Patch for Flaw Allowing Lateral Movement, Ransomware Attacks https://www.securityweek.com/microsoft-issues-out-band-patch-flaw-allowing-lateral-movement-ransomware-attacks
25/09/2022 18:08:50
QRCode
archive.org

Microsoft this week released an out-of-band security update for its Endpoint Configuration Manager solution to patch a vulnerability that could be useful to malicious actors for moving around in a targeted organization’s network.

The vulnerability is tracked as CVE-2022-37972 and it has been described by Microsoft as a medium-severity spoofing issue. The tech giant has credited Brandon Colley of Trimarc Security for reporting the flaw.

Microsoft EN 2022 CVE-2022-37972 Endpoint-Configuration-Manager patch vulnerability
Malicious OAuth applications abuse cloud email services to spread spam https://www.microsoft.com/security/blog/2022/09/22/malicious-oauth-applications-used-to-compromise-email-servers-and-spread-spam/
24/09/2022 00:50:46
QRCode
archive.org
thumbnail

Microsoft discovered an attack where attackers installed a malicious OAuth application in compromised tenants and used their Exchange Online service to launch spam runs.

microsoft EN 2022 Exchange OAuth abuse spam Exchange attack
Malvertising on Microsoft Edge's News Feed pushes tech support scams https://www.malwarebytes.com/blog/threat-intelligence/2022/09/microsoft-edges-news-feed-pushes-tech-support-scam
19/09/2022 23:34:16
QRCode
archive.org
thumbnail

We uncovered a campaign on the Microsoft Edge home page where malicious ads are luring victims into tech support scams.

malwarebytes EN 2022 Microsoft Edge Analysis campaign scams IoCs Feed News browser
Undermining Microsoft Teams Security by Mining Tokens https://www.vectra.ai/blogpost/undermining-microsoft-teams-security-by-mining-tokens
15/09/2022 17:40:33
QRCode
archive.org
thumbnail

In August 2022, the Vectra Protect team identified an attack path that enables malicious actors with file system access to steal credentials for any Microsoft Teams user who is signed in.

Vectra EN 2022 token teams Microsoft credentials steal
Microsoft investigates Iranian attacks against the Albanian government https://www.microsoft.com/security/blog/2022/09/08/microsoft-investigates-iranian-attacks-against-the-albanian-government/
09/09/2022 16:03:03
QRCode
archive.org
thumbnail

Shortly after the destructive cyberattacks on the Albanian government in mid-July, the Microsoft Detection and Response Team (DART) was engaged to lead an investigation into the attacks.

microsoft EN 2022 investigation DART EUROPIUM Albania Iran attack
Peut-on encore, en Suisse, recourir à des services cloud offerts par Microsoft ? https://swissprivacy.law/165/
05/09/2022 09:04:24
QRCode
archive.org

Dans une prise de position publiée le 13 juin 2022, le Préposé fédéral à la protection des données et à la transparence a estimé que le recours aux services cloud M365 de Microsoft serait susceptible de violer la Loi fédérale sur la protection des données, quand bien même le projet de la Caisse nationale suisse d'assurance en cas d'accidents (SUVA) envisage que les données soient hébergées en Suisse et que le cocontractant du responsable du traitement soit une entité européenne du Groupe Microsoft.

swissprivacy FR 2022 CH Suisse Préposé-fédéral Microsoft cloud protection données Cloud-Act
Looking for the ‘Sliver’ lining: Hunting for emerging command-and-control frameworks - Microsoft Security Blog https://www.microsoft.com/security/blog/2022/08/24/looking-for-the-sliver-lining-hunting-for-emerging-command-and-control-frameworks/
25/08/2022 14:34:56
QRCode
archive.org
thumbnail

Threat actors evade detection by adopting the Sliver command-and-control (C2) framework in intrusion campaigns.

microsoft EN 2022 Sliver C2 framework command-and-control threat-actor
page 1 / 3
1033 links
Shaarli - Le gestionnaire de marque-pages personnel, minimaliste, et sans base de données par la communauté Shaarli - Theme by kalvn - Curated by Decio