Beware the tools that can bring risk to a Windows network
There are a few essential questions that anyone maintaining security on a Windows network needs to ask right now to avoid engaging in some very risky behavior, but there’s one that may be the most important of all — are you aware of tools in your network that may be bringing more risk? Many of…
Visual Studio Code Has a Malicious Extension Problem
Cybersecurity researchers said an experiment in developing a fake, malicious extension for the world’s most popular integrated development environment succeeded beyond their wildest expectations. Researchers Amit Assaraf, Itay Kruk, and Idan Dardikman uploaded an extension to Microsoft source code editing platform Visual Studio Code masquerading as “Dracula Official,” a color theme that records nearly 7.2…
Microsoft, Late to the Game on Dangerous DNSSEC Zero-Day Flaw
Among the more dangerous of the flaws for which Microsoft released a patch this week on Patch Tuesday is a denial-of-service (DoS) vulnerability publicly disclosed back in February in the Domain Name System Security Extensions (DNSSEC) protocol. The vulnerability, identified as CVE-2023-50868 exists in a third-party DNSSEC mechanism called Next Secure Hash 3 (NSEC3) for…
Microsoft Now Promises Extra Security for AI-Driven Recall
How in the world has Microsoft’s leadership managed to get the debut of its forthcoming Recall feature for Windows so wrong on the security and privacy fronts? Recall for Copilot+ is designed to capture screenshots of everything a user does on their Windows PC for potential replay later. To give Microsoft the benefit of the…
Microsoft: ‘Moonstone Sleet’ APT Melds Espionage, Financial Goals
Researchers at Microsoft have identified a North Korean threat group carrying out espionage and financial cyberattacks concurrently, using a grab bag of different attack techniques against aerospace, education, and software organizations and developers. In the beginning, Microsoft explained in a blog post, Moonstone Sleet heavily overlapped with the known DPRK advanced persistent threat (APT) Diamond…
Microsoft’s ‘Recall’ Feature Draws Criticism From Privacy Advocates
Microsoft’s plans to introduce a “Recall” feature powered by artificial intelligence in its Copilot+ PCs lineup has evoked considerable privacy concerns. But the extent to which these concerns are fully justified remains a somewhat open question at the moment. Recall is technology that Microsoft has described as enabling users to easily find and remember whatever…
Microsoft fixes three zero-day vulnerabilities, two actively exploited
Microsoft released its monthly batch of security fixes on Tuesday, which included patches for three vulnerabilities that already had exploits available. Two of those vulnerabilities are being actively exploited, with one being used by multiple groups to deliver malware, including the QakBot trojan. Microsoft’s updates addressed 61 vulnerabilities across its products, but only one was…
Microsoft Patches Zero-Day Exploited by QakBot
Microsoft issued a patch Tuesday for a Windows zero-day vulnerability that security researchers say operators of the QakBot botnet and other hackers actively exploited. U.S. authorities in August dismantled the botnet, also known as Qbot, and told reporters that it “ceased to operate” as a result of an antimalware campaign dubbed Operation Duck Hunt. Malware…
Key Lesson from Microsoft’s Password Spray Hack: Secure Every Account
In January 2024, Microsoft discovered they’d been the victim of a hack orchestrated by Russian-state hackers Midnight Blizzard (sometimes known as Nobelium). The concerning detail about this case is how easy it was to breach the software giant. It wasn’t a highly technical hack that exploited a zero-day vulnerability – the hackers used a simple…
Microsoft Outlook flaw opens door to 1-click remote code execution attacks
Microsoft released its batch of monthly security updates this month covering 73 vulnerabilities, including two zero-day flaws exploited in the wild. While organizations should prioritize all critical and high-risk issues, there is one critical vulnerability in Outlook that researchers claim could open the door to trivial attacks that result in remote code execution. Dubbed MonikerLink…
