Security News

Microsoft is investigating and working on addressing an ongoing outage affecting the company's Outlook webmail service. According to information shared via the company's Microsoft 365 Status Twitter account, Redmond is performing targeted restarts to portions of the infrastructure impacted by a recent change.

An Iranian nation-state group sanctioned by the U.S. government has been attributed to the hack of the French satirical magazine Charlie Hebdo in early January 2023. Two Iranian nationals have been accused for their role in the disinformation and threat campaign.

Microsoft believes the gang who boasted it had stolen and leaked more than 200,000 Charlie Hebdo subscribers' personal information is none other than a Tehran-backed gang. On January 4, a previously unknown cyber-crime group that called itself Holy Souls claimed to have stolen a Charlie Hebdo database containing 230,000 customers' names, email addresses, phone numbers, addresses, and financial information, and offered it for sale for about $340,000.

In a continuing sign that threat actors are adapting well to a post-macro world, it has emerged that the use of Microsoft OneNote documents to deliver malware via phishing attacks is on the rise. Enterprise firm Proofpoint said it detected over 50 campaigns leveraging OneNote attachments in the month of January 2023 alone.

Windows 10 users are reportedly being blocked from accessing their desktops by full-screen trial offers for the Microsoft 365 productivity suite. They are displayed during the Windows Out of Box Experience before loading the Windows desktop.

Security researchers warn that hackers may start using Microsoft Visual Studio Tools for Office more often as method to achieve persistence and execute code on a target machine via malicious Office add-ins. NET-based malware and embedding it into the Office add-in.

Microsoft says the KB5021751 update is respecting users' privacy while identifying the number of customers running Office versions that are outdated or approaching their end of support. It will only be installed on systems where one of the following Microsoft Office versions is also present: Office 2013, Office 2010, or Office 2007.

Microsoft this week rolled out fixes to issues caused by security updates released in December 2022 that botched how XPS documents are displayed in various versions of. Some users who installed the security updates for those developer platforms saw problems with how Windows Presentation Foundation applications rendered XPS documents.

Miscreants using malicious OAuth applications abused Microsoft's "Verified publisher" status to gain access to organizations' cloud environments, then steal data and pry into to users' mailboxes, calendars, and meetings. According to researchers with Proofpoint, which uncovered the campaign in early December, hijacking the "Verified publisher" status enabled the cybercriminals to satisfy some of Microsoft's requirements for distributing OAuth applications.

Microsoft on Tuesday said it took steps to disable fake Microsoft Partner Network accounts that were used for creating malicious OAuth applications as part of a malicious campaign designed to breach organizations' cloud environments and steal email.On top of that, Microsoft said it implemented additional security measures to improve the vetting process associated with the Microsoft Cloud Partner Program and minimize the potential for fraud in the future.