Security News
Microsoft and Fortra are taking legal and technical actions to thwart cyber-criminals from using the latter company's Cobalt Strike software to distribute malware. The US District Court for the Eastern District of New York on March 31 issued a court order allowing Microsoft and Fortra to take down IP addresses that are hosting cracked versions of Cobalt Strike and seize the domain names.
We and our store and/or access information on a device, such as cookies and process personal data, such as unique identifiers and standard information sent by a device for personalised ads and content, ad and content measurement, and audience insights, as well as to develop and improve products. With your permission we and our partners may use precise geolocation data and identification through device scanning.
Microsoft announced today that Client Access Rules deprecation in Exchange Online will be delayed by one year until September 2024. Microsoft 365 administrators can utilize CARs comprising priority values, exceptions, actions, and conditions to filter client access to Exchange Online using various factors.
We and our store and/or access information on a device, such as cookies and process personal data, such as unique identifiers and standard information sent by a device for personalised ads and content, ad and content measurement, and audience insights, as well as to develop and improve products. With your permission we and our partners may use precise geolocation data and identification through device scanning.
Microsoft said it teamed up with Fortra and Health Information Sharing and Analysis Center to tackle the abuse of Cobalt Strike by cybercriminals to distribute malware, including ransomware. While Cobalt Strike, developed and maintained by Fortra, is a legitimate post-exploitation tool used for adversary simulation, illegal cracked versions of the software have been weaponized by threat actors over the years.
"Customers who contact Microsoft Support after this date will be directed to update their device to the latest version of Windows 10 or upgrade to Windows 11 to remain supported." You can find more details regarding Windows end-of-service dates in the Windows Lifecycle FAQ, the Windows 10 Servicing Frequently Asked Questions, and with the help of the Lifecycle Policy search tool.
"We will need to be persistent as we work to take down the cracked, legacy copies of Cobalt Strike hosted around the world," said Amy Hogan-Burney, the head of Microsoft's Digital Crimes Unit. Last Friday, March 31, the U.S. District Court for the Eastern District of New York issued a court order allowing the coalition to seize the domain names and take down the IP addresses of servers hosting cracked versions of Cobalt Strike.
Microsoft announced today that the recently introduced Edge Workspaces feature, which allows users to share groups of tabs with friends and family, is now available as part of a limited public preview. First revealed in an enterprise public preview at the company's October 2022 Ignite conference for developers and IT professionals, Microsoft Edge Workspaces is designed to provide groups of people with access to the same set of tabs after signing into their Microsoft account.
Redmond in April 2022 unveiled Windows Autopatch to automate updates to endpoints, but still giving administrators controls to adapt or make changes as needed. In this case, Autopatch beginning in May will include the ability to alert them to expired licenses that need to be renewed or replaced to retain access to Autopatch.
Microsoft has announced plans to automatically block embedded files with "Dangerous extensions" in OneNote following reports that the note-taking service is being increasingly abused for malware delivery. Microsoft said it intends to prevent users from directly opening an embedded file with a dangerous extension and display the message: "Your administrator has blocked your ability to open this file type in OneNote."