Cybersecurity, Microsoft patches the last 0-day Exchange Server vulnerabilities
They have been used by the China state-sponsored APT Hafnium for cyber espionage purpose against US. Update the systems now!
Cybersecurity, anomaly in Microsoft account linked to aliases
I discover that I have one. Formally it does not exist, but it has other phone numbers. The company unveals the mystery, but only in part. Bug?
Cybercrime, web shell attacks on servers continue to grow
Microsoft cybersecurity experts: It may be attributed to how simple and effective they can be. Attackers exploit vulnerabilities in web applications.
Cyber Espionage: BISMUTH is leveraging Monero crypto-miners
Microsoft cybersecurity experts: The goal is to stay under the radar and establish persistence in targeted networks. The APT attacked France and Vietnam.
Cybersecurity, SMS and voice Multi-Factor Authentication pose great risks
Microsoft: These mechanisms, based on PSTN, are the least secure of the MFA methods today. That gap will only widen as adoption increases cybercrime’ interest.
Cybercrime, threat actors continue to exploit CVE-2020-1472 vulnerability
Microsoft cybersecurity experts: It allows an elevation of privilege in Netlogon protocol. Update the systems now!
Cybersecurity, Microsoft SharePoint server has a new vulnerability
UK NCSC experts: It’s the CVE-2020-16952. It can be exploited when a user uploads a specially crafted application package to an affected version of SharePoint.
Cybercrime, new Android ransomware: AndroidOS/MalLocker.B
Microsoft cybersecurity experts: The malware doesn’t encrypt the files. It blocks access to device by displaying a screen with the ransom note that appears over every other window.
Cyber Warfare, attacks on U.S. grow as elections approach
Microsoft cyber security experts: Foreign activity stepped up targeting the 2020 vote. It’s the work of well known actors as Strontium, Zirconium and Phosphorus.
Cyber Security, Microsoft fixes urgently two Codec vulnerabilities
They are the CVE-2020-1425 and the CVE-2020-1457, and affects Library on several Windows 10 and Windows Server versions. Up to date, there aren’t any alternative mitigating measures.