Microsoft Archives - Cyber Security Minute

Key Lesson from Microsoft’s Password Spray Hack: Secure Every Account

Issued by: The Hacker News

In January 2024, Microsoft discovered they’d been the victim of a hack orchestrated by Russian-state hackers Midnight Blizzard (sometimes known as Nobelium). The concerning detail about this case is how easy it was to breach the software giant. It wasn’t a highly technical hack that exploited a zero-day vulnerability – the hackers used a simple…

Vulnerabilities

Microsoft Outlook flaw opens door to 1-click remote code execution attacks

Issued by: CSO Online

Microsoft released its batch of monthly security updates this month covering 73 vulnerabilities, including two zero-day flaws exploited in the wild. While organizations should prioritize all critical and high-risk issues, there is one critical vulnerability in Outlook that researchers claim could open the door to trivial attacks that result in remote code execution. Dubbed MonikerLink…

Application Security

Microsoft, OpenAI: Nation-States Are Weaponizing AI in Cyberattacks

Issued by: Dark Reading

Advanced persistent threats (APTs) aligned with China, Iran, North Korea, and Russia are all using large language models (LLMs) to enhance their operations. New blog posts from OpenAI and Microsoft reveal that five major threat actors have been using OpenAI software for research, fraud, and other malicious purposes. After identifying them, OpenAI shuttered all their…

Malware & Threats

Microsoft Shares New Guidance in Wake of ‘Midnight Blizzard’ Cyberattack

Issued by: Dark Reading

Microsoft has released new guidance for organizations on how to protect against persistent nation-state attacks like the one disclosed a few days ago that infiltrated its own corporate email system. A key focus of the guidance is on what organizations can do to protect against threat actors using malicious OAuth apps to hide their activity…

Vulnerabilities

GitHub Rotates Credentials in Response to Vulnerability

Issued by: SecurityWeek

The Microsoft-owned platform received the vulnerability report on December 26, 2023, and took immediate action to address the issue and revoke potentially exposed credentials, which led to disruptions between December 27 and 29. The security defect, which allowed access to credentials within a production container, had no impact beyond the security researcher who identified and…

Vulnerabilities

2024’s first Patch Tuesday steps lightly

Issued by: Naked Security

January isn’t traditionally the lightest month on patch managers’ calendars, so a second month of (relatively) few Microsoft releases is a bit of a treat. On Tuesday the company released 48 CVEs, including 38 for Windows. Eight other product groups or tools are also affected. Of the CVEs addressed, just two are considered Critical in…

Malware & Threats

Microsoft disables online Windows App Installer after attackers abuse it

Issued by: CSO Online

Microsoft has disabled the App Installer functionality that allowed Windows 10 apps to be installed directly from a web page by clicking on a link that used the ms-appinstaller URI scheme. This functionality has been heavily abused in recent months by different threat actors to deploy ransomware and other malicious implants. “Threat actors have likely…

Vulnerabilities

Microsoft Outlook Zero-Click Security Flaws Triggered by Sound File

Issued by: Dark Reading

Researchers this week disclosed details on two security vulnerabilities in Microsoft Outlook that, when chained together, give attackers a way to execute arbitrary code on affected systems without any user interaction. Unusually, both of them can be triggered using a sound file. One of the flaws, tracked as CVE-2023-35384, is actually the second patch bypass…

News

Is China waging a cyber war with Taiwan?

Issued by: CSO Online

Nation-state hacking groups based in China have sharply ramped up cyberattacks against Taiwan this year, according to multiple reports. With geopolitical tensions and a trade war acting as a backdrop, China-led cyberattacks on Taiwan are rising sharply, according to multiple security reports. In the latest report about alleged China-sponsored cyberattacks on Taiwan, Kate Morgan, a…

Software Security

Microsoft pledges cybersecurity overhaul to protect products and services

Issued by: CSO Online

Microsoft launches the Secure Future Initiative to usher in “next generation” of cybersecurity to better protect customers against escalating cybersecurity threats. Microsoft has announced the launch of the Secure Future Initiative (SFI) to improve the built-in security of its products and platforms to better protect customers against escalating cybersecurity threats. The new initiative will bring…