Security News

Analysts at Orca Security have found a critical vulnerability affecting Azure Cosmos DB that allowed unauthenticated read and write access to containers.Named CosMiss, the security issue is in Azure Cosmos DB built-in Jupyter Notebooks that integrate into the Azure portal and Azure Cosmos DB accounts for querying, analyzing, and visualizing NoSQL data and results easier.

We and our store and/or access information on a device, such as cookies and process personal data, such as unique identifiers and standard information sent by a device for personalised ads and content, ad and content measurement, and audience insights, as well as to develop and improve products. With your permission we and our partners may use precise geolocation data and identification through device scanning.

Microsoft is working on a fix for ongoing sign-in issues affecting some Outlook for Microsoft 365 customers and preventing them from accessing their accounts. While Microsoft says that the Outlook Team is working on a solution for this known issue, an official workaround is available for those who want to access their accounts until a fix rolls out.

Microsoft says Windows domain join processes may fail with "0xaac" errors after applying this month's security updates. The issue stems from hardening changes introduced when addressing the CVE-2022-38042 elevation of privilege vulnerability in the Active Directory Domain Services that would allow attackers to gain domain administrator privileges.

Microsoft is investigating a known issue causing OneDrive and OneDrive for Business crashes on Windows 10 systems where customers have installed updates released earlier this month. "After installing KB5018410 or later updates, OneDrive might unexpectedly close," the company explained in a Windows health dashboard update.

The Cranefly hacking group, aka UNC3524, uses a previously unseen technique of controlling malware on infected devices via Microsoft Internet Information Services web server logs. Like any web server, when a remote user accesses a webpage, IIS will log the request to log files that contain the timestamp, source IP addresses, the requested URL, HTTP status codes, and more.

Microsoft says a threat group tracked as DEV-0950 used Clop ransomware to encrypt the network of a victim previously infected with the Raspberry Robin worm. "Beginning on September 19, 2022, Microsoft identified Raspberry Robin worm infections deploying IcedID and-later at other victims-Bumblebee and TrueBot payloads," Microsoft Security Threat Intelligence analysts said.

Microsoft appears to have woken up and realized it may have left certain Windows Server and Windows 10 systems exposed to exploitable drivers for years. This month it emerged the list of vulnerable drivers HVCI was supposed to be blocking was wildly out of date on machines running certain pre-Windows 11 operating systems, such as some Windows 10 and Windows Server builds.

Windows 10 and Server systems unprotected since 2019 Microsoft appears to have finally fixed a driver issue that left some Windows Server and 10 systems exposed to vulnerable drivers.…

Microsoft has addressed a known issue that triggers SSL/TLS handshake failures on client and server platforms with the release of the KB5018496 preview cumulative update. [...]