Cyberveilleby Decio
Nuage de tags
Mur d'images
Quotidien
Flux RSS
  • Flux RSS
  • Daily Feed
  • Weekly Feed
  • Monthly Feed
Filtres

Liens par page

  • 20 links
  • 50 links
  • 100 links

Filtres

Untagged links
11 résultats taggé microsoft  ✕
CVE-2022-26925 : Patchez vos machines Windows sans attendre https://www.it-connect.fr/securite-cve-2022-26925-relais-ntlm-cette-vulnerabilite-touche-toutes-les-versions-de-windows/
11/05/2022 17:42:36
QRCode
archive.org
thumbnail

CVE-2022-26925 : Microsoft a corrigé une faille de sécurité zero-day qui touche toutes les versions de Windows et qui permet une attaque par relais NTLM.

it-connect FR NTLM active-directory microsoft windows entreprise CVE-2022-26925
Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself https://www.microsoft.com/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
11/05/2022 11:25:36
QRCode
archive.org
thumbnail

Microsoft coined the term “human-operated ransomware” to clearly define a class of attack driven by expert humane intelligence at every step of the attack chain and culminate in intentional business disruption and extortion. In this blog, we explain the ransomware-as-a-service affiliate model and disambiguate between the attacker tools and the various threat actors at play during a security incident.

microsoft ransomware Ransomware-as-a-service EN 2022 affiliate
Apple, Google and Microsoft Commit to Expanded Support for FIDO Standard to Accelerate Availability of Passwordless Sign-Ins https://fidoalliance.org/apple-google-and-microsoft-commit-to-expanded-support-for-fido-standard-to-accelerate-availability-of-passwordless-sign-ins/
06/05/2022 16:19:39
QRCode
archive.org
thumbnail

Faster, easier and more secure sign-ins will be available to consumers across leading devices and platforms  Mountain View, California, MAY 5, 2022  – In a joint effort to make the web […]

FIDO fidoalliance EN 2022 Google Apple Microsoft Passwordless password Standard
Microsoft finds new elevation of privilege Linux vulnerability, Nimbuspwn https://www.microsoft.com/security/blog/2022/04/26/microsoft-finds-new-elevation-of-privilege-linux-vulnerability-nimbuspwn/
27/04/2022 10:53:04
QRCode
archive.org
thumbnail

Microsoft has discovered several vulnerabilities, collectively referred to as Nimbuspwn, that could be chained together, allowing an attacker to elevate privileges to root on many Linux desktop endpoints. Leveraging Nimbuspwn as a vector for root access could allow attackers to achieve greater impact on vulnerable devices by deploying payloads and performing other malicious actions via arbitrary root code execution.

Nimbuspwn microsoft EN 2022 CVE-2022-29799 CVE-2022-29800 vulnerability Linux D-Bus TOCTOU networkd-dispatcher
When coin miners evolve, Part 1: Exposing LemonDuck and LemonCat, modern mining malware infrastructure https://www.microsoft.com/security/blog/2021/07/22/when-coin-miners-evolve-part-1-exposing-lemonduck-and-lemoncat-modern-mining-malware-infrastructure/
24/04/2022 10:58:21
QRCode
archive.org
thumbnail

In this two-part blog series, we expose a modern malware infrastructure and provide guidance for protecting against the wide range of threats it enables. Part 1 covers the evolution of the threat, how it spreads, and how it impacts organizations. Part 2 is a deep dive on the attacker behavior and will provide investigation guidance.

microsoft 2021 LemonDuck lemoncat EN malware botnet infrastructure
DEV-0537 criminal actor targeting organizations for data exfiltration and destruction https://www.microsoft.com/security/blog/2022/03/22/dev-0537-criminal-actor-targeting-organizations-for-data-exfiltration-and-destruction/
23/03/2022 10:22:59
QRCode
archive.org
thumbnail

The activity we have observed has been attributed to a threat group that Microsoft tracks as DEV-0537, also known as LAPSUS$. DEV-0537 is known for using a pure extortion and destruction model without deploying ransomware payloads.

microsoft EN 2022 LAPSUS$ DEV-0537 extortion research activity threat group
Lapsus$ hackers leak 37GB of Microsoft's alleged source code https://www.bleepingcomputer.com/news/microsoft/lapsus-hackers-leak-37gb-of-microsofts-alleged-source-code/
22/03/2022 11:10:44
QRCode
archive.org
thumbnail

The Lapsus$ hacking group claims to have leaked the source code for Bing, Cortana, and other projects stolen from Microsoft's internal Azure DevOps server.

Bing Cortana Extortion Lapsus$ Microsoft Source-Code EN 2022 leak
New Malware Capable of Controlling Social Media Accounts Infects 5,000+ Machines and is actively being Distributed via Gaming Applications on Microsoft's Official Store https://research.checkpoint.com/2022/new-malware-capable-of-controlling-social-media-accounts-infects-5000-machines-and-is-actively-being-distributed-via-gaming-applications-on-microsofts-official-store/
26/02/2022 11:27:25
QRCode
archive.org
thumbnail

New Malware Capable of Controlling Social Media Accounts Infects 5,000+ Machines and is actively being Distributed via Gaming Applications on Microsoft’s Official Store

checkpoint 2022 Microsoft sore app electron socialmedia TempleRun backdoor games
Dropping Files on a Domain Controller Using CVE-2021-43893 https://www.rapid7.com/blog/post/2022/02/14/dropping-files-on-a-domain-controller-using-cve-2021-43893/
15/02/2022 11:35:00
QRCode
archive.org
thumbnail

On December 14, 2021, during the Log4Shell chaos, Microsoft published CVE-2021-43893, a remote privelege escalation vulnerability affecting Windows EFS.

CVE-2021-43893 Windows EFS EN Microsoft Rapid7
Who Needs to Exploit Vulnerabilities When You Have Macros? https://insights.sei.cmu.edu/blog/who-needs-to-exploit-vulnerabilities-when-you-have-macros/
13/02/2022 01:46:37
QRCode
archive.org
thumbnail

Recently, there has been a resurgence of malware that is spread via Microsoft Word macro capabilities....

microsoft macros office EN
Helping users stay safe: Blocking internet macros by default in Office https://techcommunity.microsoft.com/t5/microsoft-365-blog/helping-users-stay-safe-blocking-internet-macros-by-default-in/ba-p/3071805
13/02/2022 01:30:37
QRCode
archive.org
thumbnail

Changing Default Behavior

We’re introducing a default change for five Office apps that run macros:
VBA macros obtained from the internet will now be blocked by default.

Microsoft EN change macros Office VBA
306 links
Shaarli - Le gestionnaire de marque-pages personnel, minimaliste, et sans base de données par la communauté Shaarli - Theme by kalvn - Curated by Decio