Microsoft has released a free tool designed to hunt SolarWinds malware following a devastating espionage campaign in which Russian state hackers compromised SolarWind’s Orion software in a supply-chain attack that affected major US organizations and federal agencies. Organizations who are still investigating whether they are victims of or still infected

According to a Tuesday report by Cofense, cybercriminals are increasingly using Microsoft services such as Outlook, Teams, and Office to launch themed phishing attacks and steal credentials from their targets. According to Cofense, almost half of phishing attacks in 2020 aimed to steal Microsoft credentials using lures related to the

According to recent Check Point Security Research, Chinese threat actor group APT31 allegedly cloned and re-used a National Security Agency hacking tool years before Microsoft patched the severe vulnerability that it targeted. The tool was a Windows-based program that was referred to as “Jian” until the Microsoft vulnerability was patched

Microsoft users are receiving phishing emails fraudulently claiming to be from mail couriers FedEx and DHL Express. However, malicious links within the message steal credentials from victims. The recent attacks targeted at least 10,000 Microsoft users, according to the tech giant. The scams used phishing pages hosted on legitimate domains

According to researchers, Cybercriminals are targeting Windows users with a new and improved variant of the Masslogger Trojan. The malicious software is spyware that is designed to steal credentials from popular applications such as Microsoft Outlook, Google Chrome, and other messenger accounts. Researchers allegedly uncovered the campaign in mid-January, finding

Microsoft is releasing a new servicing stack update after last week’s Patch Tuesday created a slew of problems for Windows users. Microsoft has removed the latest set of updates and released a new Patch Tuesday install that fixes the initial issue and installs Windows updates. The defective update released last

The SolarWinds hack may have included 1,000 Russian state-backed operatives, according to new information released by Microsoft president Brad Smith. Smith gave an interview over the weekend in which he argued that the SolarWinds breach was the largest and most sophisticated cyberattack to date. Smith added that 4,000 lines of

On Thursday, Microsoft announced new partnerships with ten different companies that will aim to support Defense Department projects using Azure cloud services. In October of 2020, the DoD rewarded Microsoft and IBM a transaction authority contract totaling $24.5 million to assist the agency on a program called the Rapid Assured

According to researchers at Amorblox, a new phishing campaign is able to evade Microsoft security defenses seeking to steal Office365 credentials. Security researchers at Amorblox discovered the campaign when they noticed invoice themed emails sent to at least 20,000 inboxes. The emails ask recipients to share information about an electronic

On Tuesday, Microsoft published a series of posts to Twitter warning of a visible uptick in BEC attacks targeting K-12 school teachers. This time, the operators behind the BEC attacks are impersonating teachers’ colleagues with gift-card themed emails. According to Microsoft Security Intelligence, the attackers create fake email accounts impersonating