19 Jan 2021

Cruise, GM partner with Microsoft to commercialize self-driving vehicles

Self-driving car company Cruise has announced alongside majority shareholder General Motors that they are planning on partnering with Microsoft Corp to commercialize the autonomous vehicles. Microsoft, General Motors, Honda Motor Co., and other investors joined together in a combined new equity investment of more than $2 billion. This has elevated

Read More
19 Jan 2021

Microsoft Implements Windows Zerologon Flaw ‘Enforcement Mode’

Microsoft is allegedly pushing a domain controller “enforcement mode” by default to help mitigate the threat posed by the critical Zerologon flaw. Microsoft is aiming to force all companies to update their systems and address the flaw, as it represents a severe security risk to businesses, agencies, and organizations. Microsoft

Read More
13 Jan 2021

Microsoft Defender Zero-Day Fixed in First Patch Tuesday of 2021

83 vulnerabilities have been patched on Microsoft’s first Patch Tuesday of 2021. The patches addressed 10 major flaws, including a zero-day remote code execution bug in Microsoft Defender. 73 of the fixes are classified important and one is publicly known. The fixes addressed Microsoft Windows, the Edge search browser, ChakraCore,

Read More
28 Dec 2020

Windows Zero-Day Still Circulating After Faulty Fix

A high-severity Windows zero-day allows an attacker to install programs and access admin privileges such as viewing, changing, and deleting data. It can lead to a complete desktop takeover and is located in the Print Spooler API. However, the critical flaw remains dangerous after Microsoft failed to effectively patch the

Read More
22 Dec 2020

Microsoft, Google, Cisco, Dell join legal battle against hacking company NSO

On Monday, tech giants Microsoft, Cisco, Dell, and Google entered into a legal battle against hacking organization NSO. Facebook had already been battling the organization in court for a year and has now been backed by two industry leaders. The tech companies filed a brief in federal court alleging that

Read More
18 Dec 2020

Microsoft says it found malicious software in its systems

Yesterday, Microsoft announced that it had also been targeted by the SolarWinds espionage campaign after uncovering malware within its systems. The tech giant uses the networking management software Orion found to be the source of the attack impacting a half dozen federal agencies so far. Microsoft’s own products may have

Read More
19 Nov 2020

Microsoft gives Linux a security boost with these new attack detection tools

Microsoft has added new endpoint detection and response capabilities to Linux machines. The new features were made public through a preview feature. This will allow for Linux users to be better protected against threats and have the ability to take action quickly when one arises. Linux EDR will also help

Read More
05 Nov 2020

Google Forms Abused to Phish AT&T Credentials

A new campaign utilizing Google Forms to impersonate popular brands such as Office 365, Wells Fargo, and Microsoft OneDrive has been discovered. The phishing attacks aim to collect credentials from targets, utilizing a common technique in which recipients of the phishing emails are re-directed to fraudulent login pages masquerading as

Read More
04 Nov 2020

Games in Microsoft Store Can Be Abused for Privilege Escalation on Windows

A new flaw in Windows can allow malicious actors to exploit the vulnerability to escalate privileges to SYSTEM on Windows 10 through utilizing access through the Microsoft Store. Researchers at IOActive uncovered the threat, which was patched in October as part of Microsoft’s monthly Patch Tuesday. The flaw is known

Read More
19 Oct 2020

Massive New Phishing Campaigns Target Microsoft, Google Cloud Users

A series of phishing campaigns are allegedly targeting public cloud users, according to researchers from cybersecurity firm Greathorn. The campaigns aim to compromise Microsoft Office 365 and Gmail accounts by leveraging intriguing headlines pertaining to current events. The phishing emails contain malicious links that, when opened, lead victims to a

Read More