With the ever-increasing number of cyber threats, hackers and cybersecurity specialists are taking the initiative. This time, cybercriminals went ahead of the curve. They created a phishing website to coincide with the news that Microsoft was developing a crypto wallet exclusively for its Edge browser. Such a scheme is used to spread Luca Stealer. Microsoft… Continue reading Luca Stealer Spreads Via a Phishing Microsoft Crypto Wallet Site
Tag: Microsoft
Microsoft “nOAuth” is Vulnerable to Simple Email Spoofing
In June, researchers revealed a vulnerability in Azure Active Directory and third-party apps called “nOAuth,” that could result in a complete account takeover. This is just one of the many vulnerabilities in Microsoft software and systems like Active Directory that can be exploited, putting organizations at risk. Although Microsoft has responded to the vulnerability, developers… Continue reading Microsoft “nOAuth” is Vulnerable to Simple Email Spoofing
Microsoft CVE-2023-36884 Vulnerability Exploited in the Wild
On July 11, 2023, Microsoft published an article about addressing the CVE-2023-36884 vulnerability. This breach allowed for remote code execution in Office and Windows HTML. Microsoft has acknowledged a targeted attack that exploits a vulnerability using specifically designed Microsoft Office documents. The attacker can gain control of a victim’s computer by creating a malicious Office… Continue reading Microsoft CVE-2023-36884 Vulnerability Exploited in the Wild
Researchers Found BlackLotus UEFI Bootkit Sources on GitHub
The source code for the BlackLotus UEFI bootkit, which was previously sold on the dark web for $5,000, has been discovered by Binarly analysts on GitHub. The researchers say the leaked sources are not entirely complete and contain mostly a rootkit and a bootkit to bypass Secure Boot. What is BlackLotus bootkit? BlackLotus was first… Continue reading Researchers Found BlackLotus UEFI Bootkit Sources on GitHub
Microsoft Researchers Link Clop Gang to MOVEit Transfer Attack
Microsoft has linked the Clop ransomware gang to a recent attack that uses a zero-day vulnerability in the MOVEit Transfer platform to steal data from organizations. The company’s Threat Intel team names Lace Tempest cybercrime gang as a key suspect in these attacks. Who are Lace Tempest hackers? Microsoft is attributing attacks that exploit the… Continue reading Microsoft Researchers Link Clop Gang to MOVEit Transfer Attack
FIN7 Hack Group Resumed Activity, Linked to Clop Ransomware
Microsoft analysts report that last month the notorious hacker group FIN7 (also known as Carbanak, Navigator and others) resumed its activity. The researchers were able to link FIN7 to attacks whose ultimate goal was to deploy the Clop ransomware on victims’ networks. FIN7 Cybercrime Group Goes On Let me remind you that we also wrote… Continue reading FIN7 Hack Group Resumed Activity, Linked to Clop Ransomware
Visual Studio Code Malicious Plugins Steal Personal Data
Some plugins for Visual Studio Code, a popular code editing tool developed by Microsoft, appear to have malicious code. In particular, a one with over 45,000 downloads is capable stealing personal data. Community alarm forced the quick removal of these pests, but it can be the first sprout of something bigger. What is VS Code… Continue reading Visual Studio Code Malicious Plugins Steal Personal Data
Microsoft Edge Exposes Bing API Addresses of Attended Sites
Users have noticed that a bug seems to have crept into Microsoft Edge – the fact is that, starting with build 112.0.1722.34, the browser passes all the URLs that users visit to the Bing API. In theory, this allows Microsoft to monitor all online activity of Edge users if the company decides so. Let me… Continue reading Microsoft Edge Exposes Bing API Addresses of Attended Sites
Clop and LockBit Ransomware Exploit Fresh Vulnerabilities in PaperCut
Microsoft has linked recent attacks on PaperCut servers to ransomware operations by Clop and LockBit, which used vulnerabilities to steal corporate data. In March 2023, print management solutions provider PaperCut fixed vulnerabilities CVE-2023-27350 (9.8 out of 10 on the CVSS scale, equalling the recently-discovered MSMQ vulnerability) and CVE-2023-27351 (8.2 out of 10). on the CVSS… Continue reading Clop and LockBit Ransomware Exploit Fresh Vulnerabilities in PaperCut
Medusa Groups Claims That It “Merged” the Source Code of Bing and Cortana into the Network
Medusa extortionist group claims to have published internal materials stolen from Microsoft, including the source codes of Bing, Bing Maps and Cortana. Microsoft representatives have not yet commented on the hackers’ statements, but IT specialists say that the leak contains digital signatures of the company’s products, many of which are relevant. According to the researcher,… Continue reading Medusa Groups Claims That It “Merged” the Source Code of Bing and Cortana into the Network