Microsoft Archives - Page 2 of 12

Microsoft update for Microsoft Exchange Server zero-day ProxyNotShell vulnerabilities

Messaging Security, Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / October 1, 2022 / CVE-2022-41040, CVE-2022-41082, Exchange, Exchange Server 2019, IIS, Microsoft, PowerSHell, ProxyNotShell, Vulnerabilities, Zero-day

Microsoft has released a new security update for two Microsoft Exchange Server zero-day vulnerabilities (CVE-2022-41040 and CVE-2022-41082) dubbed “ProxyNotShell” under limited targeted attacks in the wild.

Microsoft update for Microsoft Exchange Server zero-day ProxyNotShell vulnerabilities Read More »

Threat actor deploys malicious OAuth apps on compromised cloud tenants to spread spam

Access Control, Authentication, Cloud Security, Cybersecurity Attacks, Messaging Security / Frank Crast / September 25, 2022 / AAD, Cloud, MFA, Microsoft, Oauth

Microsoft has been monitoring a threat actor deploying malicious OAuth apps on compromised cloud tenants to spread spam.

Threat actor deploys malicious OAuth apps on compromised cloud tenants to spread spam Read More »

Microsoft releases out-of-band patch for Endpoint Configuration Manager

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / September 22, 2022 / Configuration Manager, CVE-2022-37972, Endpoint, Microsoft, NTLM

Microsoft has released an out-of-band patch for a Endpoint Configuration Manager vulnerability CVE-2022-37972.

Microsoft releases out-of-band patch for Endpoint Configuration Manager Read More »

Microsoft September 2022 Security Updates addresses 63 vulnerabilities (5 Critical, 1 zero-day, 1 Spectre-BHP)

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / September 14, 2022 / CVE-2022-34700, CVE-2022-34718, CVE-2022-34721, CVE-2022-34722, CVE-2022-35805, CVE-2022-37969, Cybersecurity Threat Center, Microsoft, Spectre v2, Spectre-BHP

The Microsoft September 2022 Security Updates includes patches and advisories for 63 vulnerabilities. Five of those are rated Critical severity, one that addresses a previously disclosed Spectre-BHP flaw, and a zero-day exploited in the wild.

Microsoft September 2022 Security Updates addresses 63 vulnerabilities (5 Critical, 1 zero-day, 1 Spectre-BHP) Read More »

CISA adds 7 vulnerabilities to Known Exploited Vulnerabilities Catalog

Cybersecurity Attacks, Vulnerabilities & Exploits / Frank Crast / August 19, 2022 / Active Directory, Apple, CISA, CVE-2017-15944, CVE-2022-21971, CVE-2022-22536, CVE-2022-26923, CVE-2022-2856, CVE-2022-32893, CVE-2022-32894, iOS, Known Exploited Vulnerabilities Catalog, macOS, Microsoft, Windows

The Cybersecurity and Infrastructure Security Agency (CISA) has added seven vulnerabilities to its Known Exploited Vulnerabilities Catalog, to include Apple (2), Microsoft (2), SAP, Google Chrome, and Palo Alto Networks.

CISA adds 7 vulnerabilities to Known Exploited Vulnerabilities Catalog Read More »

Attackers exploit open redirect vulnerability on Amex and Snapchat sites

Cybersecurity Attacks, Phishing, Vulnerabilities & Exploits / Frank Crast / August 16, 2022 / Amex, Cybersecurity Threat Center, Docusign, FedEx, Google Workspace, INKY, Microsoft, Microsoft 365, phishing, redirect, Snapchat

Attackers have been exploiting a well-known open redirect vulnerability on American Express and Snapchat sites to phish for victim’s personal data.

Attackers exploit open redirect vulnerability on Amex and Snapchat sites Read More »

Knotweed threat actors exploit Microsoft and Adobe 0-days and deliver Subzero malware

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / July 30, 2022 / 0-day, Adobe, CVE-2021-28550, CVE-2021-31199, CVE-2021-31201, CVE-2021-36948, CVE-2022-22047, DSIRF, Knotweed, Microsoft, MSTIC, Subzero

Knotweed threat actors have exploited Microsoft and Adobe 0-day vulnerabilities in targeted attacks against European and Central American customers. The actors also developed Subzero malware used in these attacks.

Knotweed threat actors exploit Microsoft and Adobe 0-days and deliver Subzero malware Read More »

H0lyGh0st ransomware actors target small and midsize businesses

Cybersecurity Attacks, Malware, Ransomware / Frank Crast / July 17, 2022 / Andariel, BLTC.exe, BTLC_C.exe, C2, Cybersecurity Threat Center, DarkSeoul, DEV-0530, H0lyGh0st, HolyGhost, HolyLock.exe, HolyRS.exe, Microsoft, MSTIC, North Korea, Plutonium, Ransomware, SiennaBlue, SiennaPurple, Small Business, SMB

Security researchers from Microsoft warn threat actors from North Korea are using H0lyGh0st ransomware to target small and midsize businesses around the globe.

H0lyGh0st ransomware actors target small and midsize businesses Read More »

Toll fraud Android malware is major threat to steal your money

Malware, Mobile Security / Frank Crast / July 4, 2022 / Android, Cybersecurity Threat Center, Google Play Store, malware, Microsoft, mobile, toll fraud

Researchers from Microsoft warn that toll fraud Android malware has been one of the most prevalent malware downloaded from the Google Play Store since 2017 and is a major threat to steal your money.

Toll fraud Android malware is major threat to steal your money Read More »

CISA adds Windows LSA Spoofing Vulnerability (CVE-2022-26925) to Known Exploited Vulnerabilities Catalog

Vulnerabilities & Exploits / Frank Crast / July 4, 2022 / CISA, CVE-2022-26925, Known Exploited Vulnerabilities Catalog, LSARPC, Microsoft

The Cybersecurity and Infrastructure Security Agency (CISA) has added a former zero-day Windows LSA Spoofing Vulnerability (CVE-2022-26925) to its Known Exploited Vulnerabilities Catalog.

CISA adds Windows LSA Spoofing Vulnerability (CVE-2022-26925) to Known Exploited Vulnerabilities Catalog Read More »