Microsoft

Windows Disk Cleanup Tool Exploit Allows SYSTEM Privilege EscalationWindows Disk Cleanup Tool Exploit Allows SYSTEM Privilege Escalation

Windows Disk Cleanup Tool Exploit Allows SYSTEM Privilege Escalation

Microsoft has urgently addressed a high-severity privilege escalation vulnerability (CVE-2025-21420) in the Windows Disk Cleanup Utility (cleanmgr.exe) during its February…

1 month ago
Microsoft Ignite New 360-Degree Details Attackers Tools & MethodsMicrosoft Ignite New 360-Degree Details Attackers Tools & Methods

Microsoft Ignite New 360-Degree Details Attackers Tools & Methods

A significant leap forward in cybersecurity was announced with the introduction of new threat intelligence (TI) capabilities in Security Copilot, aimed…

4 months ago
Microsoft, DOJ Dismantle Domains Used by Russian FSB-Linked Hacking GroupMicrosoft, DOJ Dismantle Domains Used by Russian FSB-Linked Hacking Group

Microsoft, DOJ Dismantle Domains Used by Russian FSB-Linked Hacking Group

Microsoft and the U.S. Department of Justice (DOJ) have successfully dismantled a network of domains a Russian hacking group linked…

6 months ago
Threat Actor Allegedly Claiming Hack of Microsoft Employee’s DeviceThreat Actor Allegedly Claiming Hack of Microsoft Employee’s Device

Threat Actor Allegedly Claiming Hack of Microsoft Employee’s Device

 A threat actor has taken to social media to claim responsibility for hacking into a Microsoft employee's device. The announcement…

8 months ago
Microsoft’s Windows Hello for Business Flaw Let Attackers Bypass AuthenticationMicrosoft’s Windows Hello for Business Flaw Let Attackers Bypass Authentication

Microsoft’s Windows Hello for Business Flaw Let Attackers Bypass Authentication

Researchers have uncovered a vulnerability in Microsoft's Windows Hello for Business (WHfB) that allows attackers to bypass its robust authentication…

8 months ago
Midnight Blizzard’s Microsoft Corporate Email Hack Threatens Federal Agencies: CISA WarnsMidnight Blizzard’s Microsoft Corporate Email Hack Threatens Federal Agencies: CISA Warns

Midnight Blizzard’s Microsoft Corporate Email Hack Threatens Federal Agencies: CISA Warns

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive concerning a breach in Microsoft's corporate email system.…

12 months ago
New OilRig Downloaders Abusing Microsoft Cloud APIs for C&C CommunicationsNew OilRig Downloaders Abusing Microsoft Cloud APIs for C&C Communications

New OilRig Downloaders Abusing Microsoft Cloud APIs for C&C Communications

Threat actors engage in cyberespionage to gain the following advantages:- Strategic Political Economic Military Hackers do so by stealing the…

1 year ago
Octo Tempest Attacking Organizations to Steal Financial DataOcto Tempest Attacking Organizations to Steal Financial Data

Octo Tempest Attacking Organizations to Steal Financial Data

Microsoft has been closely monitoring the Octo Tempest, a significant financial threat organization.  This threat group employs various strategies and…

1 year ago
Microsoft to Kill NTLM and Expand Kerberos AuthenticationMicrosoft to Kill NTLM and Expand Kerberos Authentication

Microsoft to Kill NTLM and Expand Kerberos Authentication

Robust security measures are paramount in an ever-changing digital landscape. As Windows adapts to meet the evolving demands of our…

1 year ago
ToddyCat APT Hackers Exploiting Vulnerable Microsoft Exchange ServersToddyCat APT Hackers Exploiting Vulnerable Microsoft Exchange Servers

ToddyCat APT Hackers Exploiting Vulnerable Microsoft Exchange Servers

ToddyCat, a highly skilled advanced persistent threat (APT) actor notorious for launching targeted attacks in Europe and Asia, has recently…

1 year ago