Cyberveille
curated by Decio
Nuage de tags
Mur d'images
Quotidien
Rechercher
Flux RSS
Flux RSS
Daily Feed
Weekly Feed
Monthly Feed
tags
search
Attackers exploiting new critical OpenMetadata vulnerabilities on Kubernetes clusters
The US Government Has a Microsoft Problem
CISA: Email from federal agencies possibly accessed in Russian breach of Microsoft
Microsoft could have prevented Chinese cloud email hack, US cyber report says
Microsoft Threat Intelligence unveils targets and innovative tactics amidst tax season
Microsoft Copilot for Security: General Availability details
Microsoft publie son outil interne de test de sécu d'IA générative
Russian spies keep hacking into Microsoft in 'ongoing attack,' company says
Microsoft AI engineer says Copilot Designer creates disturbing images
Internet Society veut empêcher Microsoft d'héberger les données de santé des Français
Community Alert: Ongoing Malicious Campaign Impacting Azure Cloud Environments
DarkGate malware delivered via Microsoft Teams - detection and response
Midnight Blizzard: Guidance for responders on nation-state attack
Microsoft network breached through password-spraying by Russian-state hackers
Microsoft's Top Execs' Emails Breached in Sophisticated Russia-Linked APT Attack
Act Now: CISA Flags Active Exploitation of Microsoft SharePoint Vulnerability
Microsoft disables MSIX protocol handler abused in malware attacks
Threat actors misuse OAuth applications to automate financially driven attacks
Star Blizzard increases sophistication and evasion in ongoing attacks
Windows 10 gets three more years of security updates, if you can afford them | Ars Technica
Diamond Sleet supply chain compromise distributes a modified CyberLink installer
Microsoft Patch Tuesday November 2023
Détournement de Microsoft et Cloudflare au cours d’une nouvelle attaque de QRishing
Microsoft Temporarily Blocked Internal Access to ChatGPT, Citing Data Concerns
Microsoft offers politicians protection against deepfakes
New Microsoft Exchange zero-days allow RCE, data theft attacks
Microsoft is overhauling its software security after major Azure cloud attacks
Microsoft profiles new threat group with unusual but effective practices
Octo Tempest crosses boundaries to facilitate extortion, encryption, and destruction
The evolution of Windows authentication
Microsoft Defender Flags Tor Browser as a Trojan and Removes it from the System
38TB of data accidentally exposed by Microsoft AI researchers | Wiz Blog
Leaked Microsoft documents hint at new Doom and Dishonored games
Microsoft AI Employee Accidentally Leaks 38TB of Data
Microsoft to defend customers on AI copyright challenges
Compromised Microsoft Key: More Impactful Than We Thought
Chinese Microsoft hackers also hit GOP Rep. Don Bacon of Nebraska
'DoubleDrive' attack turns Microsoft OneDrive into ransomware
Microsoft’s Role in Email Breach by Suspected Chinese Hackers Part of US Inquiry
Midnight Blizzard conducts targeted social engineering over Microsoft Teams
Tenable CEO accuses Microsoft of negligence in addressing security flaw
Microsoft…The Truth Is Even Worse Than You Think
Russia-backed hackers used Microsoft Teams to breach government agencies | TechCrunch
Cryptojacking: Understanding and defending against cloud compute resource abuse
Microsoft changes signing key system breached by Chinese hackers to steal US gov’t data
Chinese hackers breached US government email accounts, Microsoft and White House say | CNN Politics
Storm-0978 attacks reveal financial and espionage motives
The five-day job: A BlackByte ransomware intrusion case study
Microsoft Teams vulnerability allows attackers to deliver malware to employees
Microsoft says early June disruptions to Outlook, cloud platform, were cyberattacks
Microsoft Encrypted Restricted Permission Messages Deliver Phishing | Trustwave
Cadet Blizzard emerges as a novel and distinct Russian threat actor | Microsoft Security Blog
New macOS vulnerability, Migraine, could bypass System Integrity Protection | Microsoft Security Blog
Volt Typhoon targets US critical infrastructure with living-off-the-land techniques
Microsoft’s April 2023 Patch Tuesday Addresses 97 CVEs (CVE-2023-28252)
DEV-0196: QuaDream’s “KingsPawn” malware used to target civil society in Europe, North America, the Middle East, and Southeast Asia
MERCURY and DEV-1084: Destructive attack on hybrid environment - Microsoft Security Blog
Stopping cybercriminals from abusing security tools
Privacy, a chi tocca proteggere gli studenti?
Guidance for investigating attacks using CVE-2023-23397
Throttling and Blocking Email from Persistently Vulnerable Exchange Servers to Exchange Online - Microsoft Community Hub
Everything We Know About CVE-2023-23397
A Noteworthy Threat: How Cybercriminals are Abusing OneNote
Iran responsible for Charlie Hebdo attacks
No Macro? No Worries. VSTO Being Weaponized by Threat Actors
Qakbot's Evolution Continues with New Strategies
Threat groups are using Windows LNK files to gain access
ZINC weaponizing open-source software - Microsoft Security Blog
Microsoft-signed malicious Windows drivers used in ransomware attacks
Preparing for a Russian cyber offensive against Ukraine this winter
Nation-state cyberattacks become more brazen as authoritarian leaders ramp up aggression
Exploited Windows zero-day lets JavaScript files bypass security warnings
New “Prestige” ransomware impacts organizations in Ukraine and Poland
ZINC weaponizing open-source software
Slack’s and Teams’ Lax App Security Raises Alarms
Malicious OAuth applications abuse cloud email services to spread spam
Malvertising on Microsoft Edge's News Feed pushes tech support scams
Undermining Microsoft Teams Security by Mining Tokens
Microsoft investigates Iranian attacks against the Albanian government
Looking for the ‘Sliver’ lining: Hunting for emerging command-and-control frameworks - Microsoft Security Blog
MagicWeb: NOBELIUM’s post-compromise trick to authenticate as anyone
Disrupting SEABORGIUM’s ongoing phishing operations
Large-Scale AiTM Attack targeting enterprise users of Microsoft email services
Untangling KNOTWEED: European private-sector offensive actor using 0-day exploits
North Korean threat actor targets small and midsize businesses with H0lyGh0st ransomware
From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud
Ongoing phishing campaign can hack you even when you’re protected with MFA
Uncovering a macOS App Sandbox escape vulnerability: A deep dive into CVE-2022-26706 - Microsoft Security Blog
Cybersecurity experts question Microsoft's Ukraine report
Microsoft finds Raspberry Robin worm in hundreds of Windows networks
The SessionManager IIS backdoor: a possibly overlooked GELSEMIUM artefact
NSA, Partners Recommend Properly Configuring, Monitoring PowerShell in New Report
7-zip now supports Windows ‘Mark-of-the-Web’ security feature
Defending Ukraine: Early Lessons from the Cyber War
FBI says fraud on LinkedIn a 'significant threat' to platform and consumers
CVE-2022-26925 : Patchez vos machines Windows sans attendre
Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself
Apple, Google and Microsoft Commit to Expanded Support for FIDO Standard to Accelerate Availability of Passwordless Sign-Ins
Microsoft finds new elevation of privilege Linux vulnerability, Nimbuspwn
When coin miners evolve, Part 1: Exposing LemonDuck and LemonCat, modern mining malware infrastructure
DEV-0537 criminal actor targeting organizations for data exfiltration and destruction
Lapsus$ hackers leak 37GB of Microsoft's alleged source code
New Malware Capable of Controlling Social Media Accounts Infects 5,000+ Machines and is actively being Distributed via Gaming Applications on Microsoft's Official Store
Dropping Files on a Domain Controller Using CVE-2021-43893
Who Needs to Exploit Vulnerabilities When You Have Macros?
Helping users stay safe: Blocking internet macros by default in Office