Cybersecurity, SMS and voice Multi-Factor Authentication pose great risks
Microsoft: These mechanisms, based on PSTN, are the least secure of the MFA methods today. That gap will only widen as adoption increases cybercrime’ interest.
Cybercrime, threat actors continue to exploit CVE-2020-1472 vulnerability
Microsoft cybersecurity experts: It allows an elevation of privilege in Netlogon protocol. Update the systems now!
Cybersecurity, Microsoft SharePoint server has a new vulnerability
UK NCSC experts: It’s the CVE-2020-16952. It can be exploited when a user uploads a specially crafted application package to an affected version of SharePoint.
Cybercrime, new Android ransomware: AndroidOS/MalLocker.B
Microsoft cybersecurity experts: The malware doesn’t encrypt the files. It blocks access to device by displaying a screen with the ransom note that appears over every other window.
Cyber Warfare, attacks on U.S. grow as elections approach
Microsoft cyber security experts: Foreign activity stepped up targeting the 2020 vote. It’s the work of well known actors as Strontium, Zirconium and Phosphorus.
Cyber Security, Microsoft fixes urgently two Codec vulnerabilities
They are the CVE-2020-1425 and the CVE-2020-1457, and affects Library on several Windows 10 and Windows Server versions. Up to date, there aren’t any alternative mitigating measures.
Cyber Security, Microsoft fixes 129 product vulnerabilities at once
Eleven were critical, but none of them has been exploited by cybercrime. SecurityAffairs: One was located in the Server Message Block (SMB) protocol, and dubbed SMBleed.
Cybercrime, phishing on Covid-19 passes via NetSupport Manager
Microsoft's cyber security experts: An ongoing campaign exploits RAT through malicious macros on an Excel document related to the coronavirus. Attention, the baits vary!
Microsoft protects for free healthcare organizations against cybercrime
The company will offer AccountGuard threat notification service at no cost to providers who fight coronavirus. The cyber security experts: attacks have 2 things in common: a person and email.
Cybercrime hit Windows 10 users thanks to a critical flaw
Microsoft confirmed “limited targeted attacks that could leverage un-patched vulnerabilities in the Adobe Type Manager Library”. The cyber security experts: Today there’s not available fix.