Cyberveilleby Decio
Nuage de tags
Mur d'images
Quotidien
Flux RSS
  • Flux RSS
  • Daily Feed
  • Weekly Feed
  • Monthly Feed
Filtres

Liens par page

  • 20 links
  • 50 links
  • 100 links

Filtres

Untagged links
page 1 / 3
53 résultats taggé microsoft  ✕
Guidance for investigating attacks using CVE-2023-23397 https://www.microsoft.com/en-us/security/blog/2023/03/24/guidance-for-investigating-attacks-using-cve-2023-23397/
27/03/2023 11:09:51
QRCode
archive.org
thumbnail

This guide provides steps organizations can take to assess whether users have been targeted or compromised by threat actors exploiting CVE-2023-23397.

microsoft EN 2023 Guidance investigating CVE-2023-23397 Outlook
Throttling and Blocking Email from Persistently Vulnerable Exchange Servers to Exchange Online - Microsoft Community Hub https://techcommunity.microsoft.com/t5/exchange-team-blog/throttling-and-blocking-email-from-persistently-vulnerable/ba-p/3762078
27/03/2023 07:15:28
QRCode
archive.org
thumbnail

As we continue to enhance the security of our cloud, we are going to address the problem of email sent to Exchange Online from unsupported and unpatched Exchange servers. There are many risks associated with running unsupported or unpatched software, but by far the biggest risk is security. Once a version of Exchange Server is no longer supported, it no longer receives security updates; thus, any vulnerabilities discovered after support has ended don’t get fixed. There are similar risks associated with running software that is not patched for known vulnerabilities. Once a security update is released, malicious actors will reverse-engineer the update to get a better understanding of how to exploit the vulnerability on unpatched servers.

microsoft techcommunity EN 2023 announce Blocking Email Exchange unpatched
Everything We Know About CVE-2023-23397 https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397?hss_channel=tw-3330464153
17/03/2023 21:07:36
QRCode
archive.org
thumbnail

Huntress is tracking CVE-2023-23397, a 0-day that impacts Microsoft Outlook and requires no user interaction to expose user credential hashes.

huntress EN 2023 CVE-2023-23397 0-day Microsoft Outlook
CVE-2023-23415 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23415
14/03/2023 22:48:05
QRCode
archive.org
microsoft EN 2023 advosory CVE-2023-23415 PatchTuesday RCE ping ICMP
A Noteworthy Threat: How Cybercriminals are Abusing OneNote https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/a-noteworthy-threat-how-cybercriminals-are-abusing-onenote-part-1/
08/03/2023 21:34:33
QRCode
archive.org
thumbnail

Threat actors are taking advantage of Microsoft OneNote's ability to embed files and use social engineering techniques, such as phishing emails and lures inside the OneNote document, to get unsuspecting users to download and open malicious files.

trustwave EN 2023 Microsoft OneNote phishing malicious analysis
Iran responsible for Charlie Hebdo attacks https://www.microsoft.com/en-us/security/business/security-insider/uncategorized/iran-responsible-for-charlie-hebdo-attacks/
06/02/2023 19:44:22
QRCode
archive.org
thumbnail

Today, Microsoft’s Digital Threat Analysis Center (DTAC) is attributing a recent influence operation targeting the satirical French magazine Charlie Hebdo

microsoft DTAC EN 2023 attribution Iran influence France CharlieHebdo EmennetPasargad
No Macro? No Worries. VSTO Being Weaponized by Threat Actors https://www.deepinstinct.com/blog/no-macro-no-worries-vsto-being-weaponized-by-threat-actors
06/02/2023 18:54:47
QRCode
archive.org
thumbnail

A software development toolset, VSTO is available in Microsoft’s Visual Studio IDE. It enables Office Add-In’s (a type of Office application extension) to be developed in .NET and also allows for Office documents to be created that will deliver and execute these Add-In’s.

deepinstinct EN 2023 Weaponized VSTO Microsoft VisualStudio IDE Add-In
Qakbot's Evolution Continues with New Strategies https://blog.cyble.com/2023/02/01/qakbots-evolution-continues-with-new-strategies/
01/02/2023 21:48:20
QRCode
archive.org
thumbnail

Cyble Research & Intelligence Labs analyzes new strategies deployed by Qakbot to infect users via Microsoft OneNote.

Cyble EN 2023 Qakbot Microsoft OneNote
Threat groups are using Windows LNK files to gain access https://www.theregister.com/2023/01/23/threat_groups_malicious_lnk/
24/01/2023 06:04:45
QRCode
archive.org
thumbnail

Microsoft's move last year to block macros by default in Office applications is forcing miscreants to find other tools with which to launch cyberattacks, including the software vendor's LNK files – the shortcuts Windows uses to point to other files.

theregister EN 2023 LNK macros Microsoft Windows threat
ZINC weaponizing open-source software - Microsoft Security Blog https://www.microsoft.com/en-us/security/blog/2022/09/29/zinc-weaponizing-open-source-software/
28/12/2022 11:39:07
QRCode
archive.org
thumbnail

In recent months, Microsoft has detected a wide range of social engineering campaigns using weaponized legitimate open-source software by an actor we track as ZINC. Microsoft Threat Intelligence Center (MSTIC) observed activity targeting employees in organizations across multiple industries including media, defense and aerospace, and IT services in the US, UK, India, and Russia. Based on the observed tradecraft, infrastructure, tooling, and account affiliations, MSTIC attributes this campaign with high confidence to ZINC, a state-sponsored group based out of North Korea with objectives focused on espionage, data theft, financial gain, and network destruction.

microsoft EN 2022 Microsoft weaponized ZINC open-source MSTIC apt North-Korea
Microsoft-signed malicious Windows drivers used in ransomware attacks https://www.bleepingcomputer.com/news/microsoft/microsoft-signed-malicious-windows-drivers-used-in-ransomware-attacks/
14/12/2022 10:19:13
QRCode
archive.org
thumbnail

Microsoft has revoked several Chardware developer accounts after drivers signed through their profiles were used in cyberattacks, including ransomware incidents.

bleepingcomputer EN 2022 Microsoft-signed Microsoft cyberattacks drivers
Preparing for a Russian cyber offensive against Ukraine this winter https://blogs.microsoft.com/on-the-issues/2022/12/03/preparing-russian-cyber-offensive-ukraine/
03/12/2022 20:22:37
QRCode
archive.org
thumbnail

As we report more fully below, in the wake of Russian battlefield losses to Ukraine this fall, Moscow has intensified its multi-pronged hybrid technology approach to pressure the sources of Kyiv’s military and political support, domestic and foreign. This approach has included destructive missile and cyber strikes on civilian infrastructure in Ukraine, cyberattacks on Ukrainian and now foreign-based supply chains, and cyber-enabled influence operations[1]—intended to undermine US, EU, and NATO political support for Ukraine, and to shake the confidence and determination of Ukrainian citizens.

Microsoft EN 2022 iridium russia-ukraine-war Russia cyberoffensive analysis winter
Nation-state cyberattacks become more brazen as authoritarian leaders ramp up aggression https://blogs.microsoft.com/on-the-issues/2022/11/04/microsoft-digital-defense-report-2022-ukraine/
08/11/2022 08:37:21
QRCode
archive.org
thumbnail

On February 23, 2022, the cybersecurity world entered a new age, the age of the hybrid war, as Russia launched both physical and digital attacks against Ukraine. This year’s Microsoft Digital Defense Report provides new detail on these attacks and on increasing cyber aggression coming from authoritarian leaders around the world.

microsoft EN 2022 report authoritarian leaders defense
Raspberry Robin worm part of larger ecosystem facilitating pre-ransomware activity https://www.microsoft.com/en-us/security/blog/2022/10/27/raspberry-robin-worm-part-of-larger-ecosystem-facilitating-pre-ransomware-activity/
28/10/2022 09:01:26
QRCode
archive.org

Microsoft has discovered recent activity indicating that the Raspberry Robin worm is part of a complex and interconnected malware ecosystem, with links to other malware families and alternate infection methods beyond its original USB drive spread.

microsoft EN 2022 Raspberry-Robin malware ecosystem FakeUpdates DEV-0651
Exploited Windows zero-day lets JavaScript files bypass security warnings https://www.bleepingcomputer.com/news/security/exploited-windows-zero-day-lets-javascript-files-bypass-security-warnings/
22/10/2022 18:46:55
QRCode
archive.org
thumbnail

A new Windows zero-day allows threat actors to use malicious JavaScript files to bypass Mark-of-the-Web security warnings. Threat actors are already seen using the zero-day bug in ransomware attacks.

bleepingcomputer EN 2022 JavaScript Mark-of-the-Web Microsoft Ransomware Windows-10 Windows-11
New “Prestige” ransomware impacts organizations in Ukraine and Poland https://www.microsoft.com/security/blog/2022/10/14/new-prestige-ransomware-impacts-organizations-in-ukraine-and-poland/
14/10/2022 21:21:48
QRCode
archive.org
thumbnail

The Microsoft Threat Intelligence Center (MSTIC) has identified evidence of a novel ransomware campaign targeting organizations in the logistics and transportation industry in Ukraine and Poland utilizing a previously unidentified ransomware payload.

microsoft EN 2022 MSTIC Ukraine Poland ransomware payload Prestige
ZINC weaponizing open-source software https://www.microsoft.com/security/blog/2022/09/29/zinc-weaponizing-open-source-software/
29/09/2022 18:15:19
QRCode
archive.org
thumbnail

In recent months, Microsoft detected weaponization of legitimate open-source software by an actor the Microsoft Threat Intelligence Center (MSTIC) tracks as ZINC, targeting employees at media, defense and aerospace, and IT service provider organizations in the US, UK, India, and Russia.

microsoft EN 2022 ZINC open-source software MSTIC aerospace weaponizing
Slack’s and Teams’ Lax App Security Raises Alarms https://www.wired.com/story/slack-microsoft-teams-app-security/
27/09/2022 07:51:57
QRCode
archive.org
thumbnail

New research shows how third-party apps could be exploited to infiltrate these sensitive workplace tools.

wired EN 2022 Microsoft Teams Slack third-party app research
Microsoft Issues Out-of-Band Patch for Flaw Allowing Lateral Movement, Ransomware Attacks https://www.securityweek.com/microsoft-issues-out-band-patch-flaw-allowing-lateral-movement-ransomware-attacks
25/09/2022 18:08:50
QRCode
archive.org

Microsoft this week released an out-of-band security update for its Endpoint Configuration Manager solution to patch a vulnerability that could be useful to malicious actors for moving around in a targeted organization’s network.

The vulnerability is tracked as CVE-2022-37972 and it has been described by Microsoft as a medium-severity spoofing issue. The tech giant has credited Brandon Colley of Trimarc Security for reporting the flaw.

Microsoft EN 2022 CVE-2022-37972 Endpoint-Configuration-Manager patch vulnerability
Malicious OAuth applications abuse cloud email services to spread spam https://www.microsoft.com/security/blog/2022/09/22/malicious-oauth-applications-used-to-compromise-email-servers-and-spread-spam/
24/09/2022 00:50:46
QRCode
archive.org
thumbnail

Microsoft discovered an attack where attackers installed a malicious OAuth application in compromised tenants and used their Exchange Online service to launch spam runs.

microsoft EN 2022 Exchange OAuth abuse spam Exchange attack
page 1 / 3
1185 links
Shaarli - Le gestionnaire de marque-pages personnel, minimaliste, et sans base de données par la communauté Shaarli - Theme by kalvn - Curated by Decio