Microsoft

Microsoft discloses security breach of customer support database

posted on January 22, 2020
by l33tdawg
Credit: ZDNet

Microsoft disclosed today a security breach that took place last month in December 2019.

In a blog post today, the OS maker said that an internal customer support database that was storing anonymized user analytics was accidentally exposed online without proper protections between December 5 and December 31.

Internet Explorer has a major security flaw, but Microsoft can't patch it yet

posted on January 20, 2020
by l33tdawg
Credit: Tech Radar

Following the reveal of a major security flaw in Internet Explorer that is currently being exploited by hackers, Microsoft has confirmed its existence, though the software giant has no immediate plans to release a patch to fix it.

The security flaw in the company's legacy browser was first disclosed by US-CERT, a division of Homeland Security that reports on major security flaws, in a tweet which contained a link to a security advisory concerning the bug. According to the advisory, the vulnerability has already been “detected in exploits in the wild”.

Microsoft Warns of Unpatched IE Browser Zero-Day That's Under Active Attacks

posted on January 20, 2020
by l33tdawg
Credit: The Hacker News

Microsoft earlier today issued an emergency security advisory warning millions of Windows users of a new zero-day vulnerability in Internet Explorer (IE) browser that attackers are actively exploiting in the wild — and there is no patch yet available for it.

The vulnerability, tracked as CVE-2020-0674 and rated moderate, is a remote code execution issue in the way Internet Explorer's scripting engine handles objects in memory, and it is triggered through the JScript.dll library.

Microsoft seizes web domains used by North Korean hackers

posted on January 1, 2020
by l33tdawg
Credit: Japan Today

Microsoft says it has obtained a court order allowing it to seize web domains used by North Korean hacking groups to launch cyberattacks on human rights activists, researchers and others.

The U.S. technology giant said a federal court allowed it to take control of 50 domains operated by a group dubbed Thallium, which tricked online users by fraudulently using Microsoft brands and trademarks.

Microsoft: We never encourage a ransomware victim to pay

posted on December 17, 2019
by l33tdawg
Credit: ZDNet

Ever since ransomware became a top threat in the mid-2010s, people have been arguing about the proper way of dealing with a ransomware attack and the merits of paying or not paying a ransom demand.

A big point of contention has been "the official advice" that various companies or government agencies give out to victims.

Microsoft says new Dexphot malware infected more than 80,000 computers

posted on November 27, 2019
by l33tdawg
Credit: ZDNet

Microsoft security engineers detailed today a new malware strain that has been infecting Windows computers since October 2018 to hijack their resources to mine cryptocurrency and generate revenue for the attackers.

Named Dexphot, this malware reached its peak in mid-June this year, when its botnet reached almost 80,000 infected computers.

Microsoft announces a slew of security enhancements for Azure

posted on November 4, 2019
by l33tdawg
Credit: Neowin

To further protect its Azure customers, Microsoft has announced a variety of security-related enhancements for the platform - and Security Center in particular - at Ignite 2019.

First up is better threat protection for cloud resources by way of Azure Sentinel, the security information and event management (SIEM) offering from Microsoft's cloud. This means that any threat can be investigated, hunted and correlated with other signals quicker.

Microsoft releases out-of-band security update to fix IE zero-day & Defender bug

posted on September 24, 2019
by l33tdawg
Credit: ZDNet

Microsoft has released an emergency out-of-band security update today to fix two critical security issues -- a zero-day vulnerability in the Internet Explorer scripting engine that has been exploited in the wild, and a Microsoft Defender bug.

The updates stand out because Microsoft usually likes to stay the course and only release security updates on the second Tuesday of every month. The company rarely breaks this pattern, and it's usually only for very important security issues.

A look at the Windows 10 exploit Google Zero disclosed this week

posted on August 15, 2019
by l33tdawg
Credit: Ars Technica

On Tuesday, Tavis Ormandy of Google's Project Zero released an exploit kit called ctftool, which uses and abuses Microsoft's Text Services Framework in ways that can effectively get anyone root—er, system that is—on any unpatched Windows 10 system they're able to log in to. The patches for this vulnerability—along with several other serious issues—went out in this week's Patch Tuesday update.

Microsoft Office 365 Webmail Exposes User's IP Address in Emails

posted on July 25, 2019
by l33tdawg
Credit: Bleeping Computer

If you use Office 365's webmail interface to prevent email recipients from seeing your local IP address, you are out of luck. When sending email through Office 365, your local IP address will be injected into the message as an extra mail header.

Operating a web site and focusing on infosec-related topics has made me a paranoid person. This leads me to send replies to strangers' emails via webmail so I do not expose my local IP address for security and to protect my privacy.