18 Feb 2021

Masslogger Swipes Microsoft Outlook, Google Chrome Credentials

According to researchers, Cybercriminals are targeting Windows users with a new and improved variant of the Masslogger Trojan. The malicious software is spyware that is designed to steal credentials from popular applications such as Microsoft Outlook, Google Chrome, and other messenger accounts. Researchers allegedly uncovered the campaign in mid-January, finding

Read More
17 Feb 2021

Microsoft Pulls Bad Windows Update After Patch Tuesday Headaches

Microsoft is releasing a new servicing stack update after last week’s Patch Tuesday created a slew of problems for Windows users. Microsoft has removed the latest set of updates and released a new Patch Tuesday install that fixes the initial issue and installs Windows updates. The defective update released last

Read More
16 Feb 2021

1000+ Hackers Worked on SolarWinds Campaign, Microsoft Says

The SolarWinds hack may have included 1,000 Russian state-backed operatives, according to new information released by Microsoft president Brad Smith. Smith gave an interview over the weekend in which he argued that the SolarWinds breach was the largest and most sophisticated cyberattack to date. Smith added that 4,000 lines of

Read More
05 Feb 2021

Microsoft Partnership Will Bring New Cloud Service to DOD Microelectronics Project

On Thursday, Microsoft announced new partnerships with ten different companies that will aim to support Defense Department projects using Azure cloud services. In October of 2020, the DoD rewarded Microsoft and IBM a transaction authority contract totaling $24.5 million to assist the agency on a program called the Rapid Assured

Read More
05 Feb 2021

Microsoft Office 365 Attacks Sparked from Google Firebase

According to researchers at Amorblox, a new phishing campaign is able to evade Microsoft security defenses seeking to steal Office365 credentials. Security researchers at Amorblox discovered the campaign when they noticed invoice themed emails sent to at least 20,000 inboxes. The emails ask recipients to share information about an electronic

Read More
04 Feb 2021

Microsoft Sees Spike in BEC Attacks Targeting Schools

On Tuesday, Microsoft published a series of posts to Twitter warning of a visible uptick in BEC attacks targeting K-12 school teachers. This time, the operators behind the BEC attacks are impersonating teachers’ colleagues with gift-card themed emails. According to Microsoft Security Intelligence, the attackers create fake email accounts impersonating

Read More
29 Jan 2021

Lazarus Affiliate ‘ZINC’ Blamed for Campaign Against Security Researcher

Recent attacks against security researchers have been linked to North Korean APT ZINC, an affiliate of the notorious Lazarus group. New details have emerged on the attack, describing how the APT exploited Visual Studio, a Microsoft product, to infect systems with malware now known to be the comebacker malware variant.

Read More
29 Jan 2021

SolarWinds attack is not an outlier, but a moment of reckoning for security industry, says Microsoft exec

Microsoft was one of the companies impacted by the SolarWinds espionage campaign alongside Mimecast Palo Alto Networks, Qualys, Malwarebytes, and Fidelis. According to Microsoft’s corporate vice president of security, compliance, and identity, Vasu Jakkal, believes that similar attacks are yet to come. Jakkal stated that SolarWinds has taught the security

Read More
27 Jan 2021

More Cybersecurity Firms Confirm Being Hit by SolarWinds Hack

Two more companies, Mimecast and Qualys, have emerged in the SolarWinds breach, claiming that they were targeted by the same threat actor that breached the IT management solutions provider SolarWinds. The attack was a sophisticated supply chain hack that eventually went on to install backdoors in US agencies’ systems. Fidelis

Read More
20 Jan 2021

Malwarebytes Targeted by SolarWinds Hackers

On Tuesday, Cybersecurity firm Malwarebytes conceded that it was targeted by the same hackers responsible for the SolarWinds attack, in which suspected Russian nation-state hackers compromised the systems of the IT management company in a sophisticated supply chain attack. Although Malwarebytes has not used any SolarWinds products, an internal investigation

Read More