Microsoft Archives - Page 12 of 17 - Cyber Security Minute

What you need to know about changes to Microsoft’s Security Update Guide

Issued by: CSO

Microsoft recently changed how it presents and explains its security vulnerabilities in its products. The new security guide aligns itself with security and industry standards by describing the vulnerabilities with the Common Vulnerability Scoring System (CVSS), which presents a vulnerability’s key characteristics and assigns a numerical score to its severity. The intent of that score…

Malware & Threats

Threat Actors Increasingly Using VBA Purging in Attacks

Issued by: Security Week

Initially detailed in February 2020, VBA purging involves the use of VBA source code only within Office documents, instead of the typically compiled code, and ensures better detection evasion. Malicious Office documents have VBA code stored within streams of Compound File Binary Format (CFBF) files, with Microsoft’s specifications on VBA macros (MS-OVBA) storing VBA data…

Malware & Threats

Microsoft, Energy Department and Others Named as Victims of SolarWinds Attack

Issued by: Security Week

Microsoft has confirmed that it has detected the malicious SolarWinds binaries delivered by the threat actor on its own systems as well. The tech giant took steps to remove the malware and claimed it had found no evidence that the attackers used its own systems to target others. Microsoft said in a blog post on…

Vulnerabilities

Microsoft Releases Out-of-Band Update for Kerberos Authentication Issues

Issued by: Security Week

The issue is related to the PerformTicketSignature registry subkey value in CVE-2020-17049, a security feature bypass bug in Kerberos Key Distribution Center (KDC) that Microsoft fixed on November 2020 Patch Tuesday. CVE-2020-17049, the tech company explains in an advisory, resides in the manner in which KDC determines whether tickets are eligible for delegation via Kerberos…

Malware & Threats

In Q2 2020, there was an average of 419 new threats per minute

Issued by: Help Net Security

McAfee released a report examining cybercriminal activity related to malware and the evolution of cyber threats in Q2 2020. During this period, there was an average of 419 new threats per minute as overall new malware samples grew by 11.5%. A significant proliferation in malicious Donoff Microsoft Office documents attacks propelled new PowerShell malware up…

Software Security

Review: Specops Password Policy

Issued by: Help Net Security

Specops Password Policy is a powerful tool for overcoming the limitations of the default password policies present in Microsoft Active Directory environments. To be fair, Microsoft did revise and upgrade the default password policy and introduced additional, granular fine-tuning options over the years, but for some enterprise environments that’s still not enough, so Specops Password…

Software Security

Windows 10 security: Are you on the right version?

Issued by: CSO

A recent Microsoft Ignite session reminded me about how much Windows 10 has changed over the years. We often forget that when we don’t update to newer versions, we miss out on the improved security features in each release. It’s easy to forget the advances and security features that Windows 10 has added over the…

Vulnerabilities

Microsoft Says Iranian Hackers Exploiting Zerologon Vulnerability

Issued by: Security Week

Also known as Seedworm, MERCURY, and Static Kitten, and initially analyzed in 2017, MuddyWater is mainly focused on organizations in the Middle East and regions nearby. Highly active, the group was observed expanding its target list and leveraging a broad and varied toolset. Although further details on the threat actor’s operations emerged last year (after…

Software Security

Microsoft Publishes Guide to Securing Systems Vulnerable to Zerologon Attacks

Issued by: Security Week

Addressed on August 2020 Patch Tuesday, the flaw was identified in the Microsoft Windows Netlogon Remote Protocol (MS-NRPC) and can be abused by remote attackers to compromise Active Directory domain controllers and gain administrator access. To exploit the flaw, which is tracked as CVE-2020-1472, an unauthenticated attacker would need to run a specially crafted application…

Software Security

Securing Microsoft Teams: The options are limited

Issued by: CSO

As more remote work from home happens, your collaboration tools need more scrutiny. A popular choice for instant messaging and video conferencing is Microsoft’s Teams, and securing this application will be a challenge. Teams already has had one major exploit that would allow a malicious actor to use the Microsoft Teams Updater to download any…