Tuesday, June 25, 2024

Microsoft Addresses Azure AD Flaw Following Criticism from Tenable’s CEO

After being criticized as "grossly irresponsible" and "blatantly negligent” by the CEO of Tenable, Microsoft addressed a vulnerability in the Power Platform Custom Connectors...

U.S. Senator Blasts Microsoft for Chinese Hack Seeks Federal Action

A joint alert from the FBI and CISA concerning a hacking campaign that targeted Microsoft customers, including government entities, was released on July 12.In a letter to...

Microsoft Message Queuing Service Flaw Allows DoS and RCE Attacks

Reports indicate that there have been three critical flaws including DDoS and Remote code execution discovered in the Microsoft Message Queuing Service (MMQS).These...

Hacked Microsoft Keys Let Attackers Access a Wide Range of Azure Applications

The China-linked threat actors who stole the US State Department and other Microsoft customer emails may have acquired access to apps other than Exchange...

Microsoft Expands Security Logging and Offers 365 Clients Free Access

Microsoft expanded cloud logging accessibility and flexibility for customers' deeper security visibility.This expansion coordinates results with commercial and government customers and the Cybersecurity and...

Hackers Turn Exchange Servers into Malware Command & Control Centers

Turla, also known as Secret Blizzard, KRYPTON, and UAC-0003, is an Advanced Persistent Threat (APT) group that has been associated with Russia's Federal Security...

Lazarus APT Group Hijack Windows IIS Servers to Distribute Malware

Threat actors always search for vulnerable devices and networks to gain illicit access and perform malicious activities to accomplish their goals.The APT group, Lazarus,...

Hackers Actively Exploit Unpatched Office Zero-Day Flaw in the Wild

Storm-0978, a threat actor, actively targeted European and North American defense and government entities in a phishing campaign.Exploiting CVE-2023-36884, the campaign used Word documents...

Microsoft Renamed Azure Active Directory to Entra ID

Microsoft has recently made an announcement that their Microsoft Entra service has been extended to include the Security Service Edge.Moreover, the Azure AD has...
Windows Policy Loophole

Windows Policy Loophole Let Hackers to Install Malicious Kernel Mode Drivers

Microsoft blocked code signing certs, favored by Chinese hackers and devs, for loading malicious kernel mode drivers via Windows policy exploit.Windows kernel-mode drivers, at...

Managed WAF protection


Recent Articles