Security News

Microsoft released an emergency security update for the Windows 10 and Windows 11 Snipping Tool to fix the Acropalypse privacy vulnerability. With this bug, both the Google Pixel's Markup Tool and the Windows Snipping Tool were found to be leaving the cropped data within the original file.

Microsoft on Friday shared guidance to help customers discover indicators of compromise associated with a recently patched Outlook vulnerability. Tracked as CVE-2023-23397, the critical flaw relates to a case of privilege escalation that could be exploited to steal NT LAN Manager hashes and stage a relay attack without requiring any user interaction.

Microsoft today published a detailed guide aiming to help customers discover signs of compromise via exploitation of a recently patched Outlook zero-day vulnerability. Microsoft also shared guidance on how to block future attacks targeting this vulnerability, urging organizations to install the recently released Outlook security update.

American cybersecurity officials have released an early-warning system to protect Microsoft cloud users. Dubbed the Untitled Goose Tool, CISA said it "offers novel authentication and data gathering methods for network defenders to use as they interrogate and analyze their Microsoft cloud services."

Network defenders searching for malicious activity in their Microsoft Azure, Azure Active Directory, and Microsoft 365 cloud environments have a new free solution at their disposal: Untitled Goose Tool. As an agency charged with - among other things - helping US-based organizations in the government and private sector protect themselves against cyber attackers, CISA regularly releases free open-source services and tools for defenders to use.

Competitors successfully exploited zero-day bugs in multiple products during the second day of Pwn2Own Vancouver 2023, including the Tesla Model 3, Microsoft's Teams communication platform, the Oracle VirtualBox virtualization platform, and the Ubuntu Desktop operating system. Team Viettel also hacked Microsoft Teams via a 2-bug chain to earn $78,000 and Oracle's VirtualBox using a Use-After-Free bug and an uninitialized variable for $40,000.

New research from Microsoft's Threat Intelligence team exposed the activities of a threat actor named DEV-1101, which started advertising for an open-source phishing kit to deploy an adversary-in-the-middle campaign. According to Microsoft, the threat actor described the kit as a phishing application with "reverse-proxy capabilities, automated setup, detection evasion through an antibot database, management of phishing activity through Telegram bots, and a wide range of ready-made phishing pages mimicking services such as Microsoft Office or Outlook."

The U.S. Cybersecurity & Infrastructure Security Agency has released a new open-source incident response tool that helps detect signs of malicious activity in Microsoft cloud environments. Known as the 'Untitled Goose Tool' and developed in collaboration with Sandia, a U.S. Department of Energy national laboratory, this Python-based utility can dump telemetry information from Azure Active Directory, Microsoft Azure, and Microsoft 365 environments.

Microsoft is testing an updated version of the Windows 11 Snipping Tool that fixes a recently disclosed 'Acropalypse' privacy flaw that allows the partial restoration of cropped images. As first spotted by Windows enthusiast Xeno, Microsoft released Windows 11 Snipping Tool version 11.2302.20.0 yesterday to Windows Insiders in the Canary channel via the Microsoft Store.

Microsoft has released a new Windows 11 preview build that adds a new dedicated USB4 settings page and support for displaying seconds in the system tray clock. "We are adding a USB4 hubs and devices Settings page for users under Settings > Bluetooth & devices > USB > USB4 Hubs and Devices," said Microsoft's Amanda Langowski and Brandon LeBlanc.