Microsoft

‘SessionShark’ – A New Toolkit Bypasses Microsoft Office 365 MFA Security‘SessionShark’ – A New Toolkit Bypasses Microsoft Office 365 MFA Security

‘SessionShark’ – A New Toolkit Bypasses Microsoft Office 365 MFA Security

Security researchers have uncovered a new and sophisticated threat to Microsoft Office 365 users: a phishing-as-a-service toolkit dubbed “SessionShark O365…

4 days ago
Microsoft Offers $30,000 Bounties for AI Security FlawsMicrosoft Offers $30,000 Bounties for AI Security Flaws

Microsoft Offers $30,000 Bounties for AI Security Flaws

Microsoft has launched a new bounty program that offers up to $30,000 to security researchers who discover vulnerabilities in its…

5 days ago
Windows Disk Cleanup Tool Exploit Allows SYSTEM Privilege EscalationWindows Disk Cleanup Tool Exploit Allows SYSTEM Privilege Escalation

Windows Disk Cleanup Tool Exploit Allows SYSTEM Privilege Escalation

Microsoft has urgently addressed a high-severity privilege escalation vulnerability (CVE-2025-21420) in the Windows Disk Cleanup Utility (cleanmgr.exe) during its February…

2 months ago
Microsoft Ignite New 360-Degree Details Attackers Tools & MethodsMicrosoft Ignite New 360-Degree Details Attackers Tools & Methods

Microsoft Ignite New 360-Degree Details Attackers Tools & Methods

A significant leap forward in cybersecurity was announced with the introduction of new threat intelligence (TI) capabilities in Security Copilot, aimed…

5 months ago
Microsoft, DOJ Dismantle Domains Used by Russian FSB-Linked Hacking GroupMicrosoft, DOJ Dismantle Domains Used by Russian FSB-Linked Hacking Group

Microsoft, DOJ Dismantle Domains Used by Russian FSB-Linked Hacking Group

Microsoft and the U.S. Department of Justice (DOJ) have successfully dismantled a network of domains a Russian hacking group linked…

7 months ago
Threat Actor Allegedly Claiming Hack of Microsoft Employee’s DeviceThreat Actor Allegedly Claiming Hack of Microsoft Employee’s Device

Threat Actor Allegedly Claiming Hack of Microsoft Employee’s Device

 A threat actor has taken to social media to claim responsibility for hacking into a Microsoft employee's device. The announcement…

9 months ago
Microsoft’s Windows Hello for Business Flaw Let Attackers Bypass AuthenticationMicrosoft’s Windows Hello for Business Flaw Let Attackers Bypass Authentication

Microsoft’s Windows Hello for Business Flaw Let Attackers Bypass Authentication

Researchers have uncovered a vulnerability in Microsoft's Windows Hello for Business (WHfB) that allows attackers to bypass its robust authentication…

9 months ago
Midnight Blizzard’s Microsoft Corporate Email Hack Threatens Federal Agencies: CISA WarnsMidnight Blizzard’s Microsoft Corporate Email Hack Threatens Federal Agencies: CISA Warns

Midnight Blizzard’s Microsoft Corporate Email Hack Threatens Federal Agencies: CISA Warns

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive concerning a breach in Microsoft's corporate email system.…

1 year ago
New OilRig Downloaders Abusing Microsoft Cloud APIs for C&C CommunicationsNew OilRig Downloaders Abusing Microsoft Cloud APIs for C&C Communications

New OilRig Downloaders Abusing Microsoft Cloud APIs for C&C Communications

Threat actors engage in cyberespionage to gain the following advantages:- Strategic Political Economic Military Hackers do so by stealing the…

1 year ago
Octo Tempest Attacking Organizations to Steal Financial DataOcto Tempest Attacking Organizations to Steal Financial Data

Octo Tempest Attacking Organizations to Steal Financial Data

Microsoft has been closely monitoring the Octo Tempest, a significant financial threat organization.  This threat group employs various strategies and…

2 years ago