Security News

Microsoft is investigating and working on addressing an ongoing outage affecting the company's Outlook webmail service. According to information shared via the company's Microsoft 365 Status Twitter account, Redmond is performing targeted restarts to portions of the infrastructure impacted by a recent change.

Microsoft on Tuesday said it took steps to disable fake Microsoft Partner Network accounts that were used for creating malicious OAuth applications as part of a malicious campaign designed to breach organizations' cloud environments and steal email.On top of that, Microsoft said it implemented additional security measures to improve the vetting process associated with the Microsoft Cloud Partner Program and minimize the potential for fraud in the future.

Malicious third-party OAuth apps with an evident "Publisher identity verified" badge have been used by unknown attackers to target organizations in the UK and Ireland, Microsoft has shared. Targets in these organizations who have fallen for the trick effectively allowed these rogue apps to access to their O365 email accounts and infiltrate organizations' cloud environments.

All company communication needs may vary but certain standard template messages can come in handy for IT staff to keep employees up to date on "Need to know" informational bulletins. A formal set of message templates will allow you to deliver both event-based and proactive communications, which ensures that everyone is up to speed on critical developments, projects and company policies.

For organizations, deciding what email encryption solution to use is often not so simple and, generally speaking, there is no single correct answer. Best-effort opportunistic encryption methods such as Outlook Message Encryption and various third-party solutions have the benefit of being easy to use.

GPT-3 language models are being abused to do much more than write college essays, according to WithSecure researchers. Perhaps unsurprisingly, GPT-3 proved to be helpful at crafting a convincing email thread to use in a phishing campaign and social media posts, complete with hashtags, to harass a made-up CEO of a robotics company.

"Of the nearly 30,000 customers on the Hosted Exchange email environment at the time of the attack, the forensic investigation determined the threat actor accessed a Personal Storage Table of 27 Hosted Exchange customers," Rackspace said in an incident report update shared with BleepingComputer in advance. "Customers who were not contacted directly by the Rackspace team can be assured that their PST data was not accessed by the threat actor."

To address these challenges, Google, Microsoft and Proton, whose Proton Mail service was a first-mover in secure email, both moved to expand end-to-end encryption offerings. Google's announcement followed that of Proton, an encrypted cloud storage platform launched in 2013 in Geneva, Switzerland by CEO Andy Yen.

The notorious information-stealer known as Vidar is continuing to leverage popular social media services such as TikTok, Telegram, Steam, and Mastodon as an intermediate command-and-control server. What's new in the latest version of the malware is that the gathered data is encoded prior to exfiltration, a change from the previous variants that have been known to send the compressed file data in plaintext format.

Since July 22nd, 2022, threat actors and data breach collectors have been selling and circulating large data sets of scraped Twitter user profiles containing both private and public data on various online hacker forums and cybercrime marketplaces. These data sets were created in 2021 by exploiting a Twitter API vulnerability that allowed users to input email addresses and phone numbers to confirm whether they were associated with a Twitter ID. The threat actors then used another API to scrape the public Twitter data for the ID and combined this public data with private email addresses/phone numbers to create profiles of Twitter users.