26 Feb 2021

Microsoft Releases Free Tool for Hunting SolarWinds Malware

Microsoft has released a free tool designed to hunt SolarWinds malware following a devastating espionage campaign in which Russian state hackers compromised SolarWind’s Orion software in a supply-chain attack that affected major US organizations and federal agencies. Organizations who are still investigating whether they are victims of or still infected

Read More
25 Feb 2021

Microsoft Lures Populate Half of Credential-Swiping Phishing Emails

According to a Tuesday report by Cofense, cybercriminals are increasingly using Microsoft services such as Outlook, Teams, and Office to launch themed phishing attacks and steal credentials from their targets. According to Cofense, almost half of phishing attacks in 2020 aimed to steal Microsoft credentials using lures related to the

Read More
23 Feb 2021

Chinese-Affiliated APT31 Cloned & Used NSA Hacking Tool

According to recent Check Point Security Research, Chinese threat actor group APT31 allegedly cloned and re-used a National Security Agency hacking tool years before Microsoft patched the severe vulnerability that it targeted. The tool was a Windows-based program that was referred to as “Jian” until the Microsoft vulnerability was patched

Read More
23 Feb 2021

10K Microsoft Email Users Hit in FedEx Phishing Attack

Microsoft users are receiving phishing emails fraudulently claiming to be from mail couriers FedEx and DHL Express. However, malicious links within the message steal credentials from victims. The recent attacks targeted at least 10,000 Microsoft users, according to the tech giant. The scams used phishing pages hosted on legitimate domains

Read More
18 Feb 2021

Masslogger Swipes Microsoft Outlook, Google Chrome Credentials

According to researchers, Cybercriminals are targeting Windows users with a new and improved variant of the Masslogger Trojan. The malicious software is spyware that is designed to steal credentials from popular applications such as Microsoft Outlook, Google Chrome, and other messenger accounts. Researchers allegedly uncovered the campaign in mid-January, finding

Read More
17 Feb 2021

Microsoft Pulls Bad Windows Update After Patch Tuesday Headaches

Microsoft is releasing a new servicing stack update after last week’s Patch Tuesday created a slew of problems for Windows users. Microsoft has removed the latest set of updates and released a new Patch Tuesday install that fixes the initial issue and installs Windows updates. The defective update released last

Read More
16 Feb 2021

1000+ Hackers Worked on SolarWinds Campaign, Microsoft Says

The SolarWinds hack may have included 1,000 Russian state-backed operatives, according to new information released by Microsoft president Brad Smith. Smith gave an interview over the weekend in which he argued that the SolarWinds breach was the largest and most sophisticated cyberattack to date. Smith added that 4,000 lines of

Read More
05 Feb 2021

Microsoft Partnership Will Bring New Cloud Service to DOD Microelectronics Project

On Thursday, Microsoft announced new partnerships with ten different companies that will aim to support Defense Department projects using Azure cloud services. In October of 2020, the DoD rewarded Microsoft and IBM a transaction authority contract totaling $24.5 million to assist the agency on a program called the Rapid Assured

Read More
05 Feb 2021

Microsoft Office 365 Attacks Sparked from Google Firebase

According to researchers at Amorblox, a new phishing campaign is able to evade Microsoft security defenses seeking to steal Office365 credentials. Security researchers at Amorblox discovered the campaign when they noticed invoice themed emails sent to at least 20,000 inboxes. The emails ask recipients to share information about an electronic

Read More
04 Feb 2021

Microsoft Sees Spike in BEC Attacks Targeting Schools

On Tuesday, Microsoft published a series of posts to Twitter warning of a visible uptick in BEC attacks targeting K-12 school teachers. This time, the operators behind the BEC attacks are impersonating teachers’ colleagues with gift-card themed emails. According to Microsoft Security Intelligence, the attackers create fake email accounts impersonating

Read More