Security News
The Microsoft Threat Intelligence Center has disrupted a hacking and social engineering operation linked to a Russian threat actor tracked as SEABORGIUM that targets people and organizations in NATO countries. "Within the target countries, SEABORGIUM primarily focuses operations on defense and intelligence consulting companies, non-governmental organizations and intergovernmental organizations, think tanks, and higher education," explains Microsoft in a report released today.
A security feature bypass vulnerability has been uncovered in three signed third-party Unified Extensible Firmware Interface boot loaders that allow bypass of the UEFI Secure Boot feature. "These vulnerabilities can be exploited by mounting the EFI System Partition and replacing the existing bootloader with the vulnerable one, or modifying a UEFI variable to load the vulnerable loader instead of the existing one," hardware security firm Eclypsium said in a report shared with The Hacker News.
Microsoft is showing ads for Microsoft 365 Family subscriptions to its Office 2021 customers, offering them discounts of over $28 to get a 3-month Family plan subscription. Several users have reported seeing these ads this week, starting on August 10, with Lee Holmes, a Principal Security Architect at Microsoft Azure Security, also sharing today a screenshot showing the ad displayed as an alert bar under the Office menu.
Some signed third-party bootloaders for the Unified Extensible Firmware Interface could allow attackers to execute unauthorized code in an early stage of the boot process, before the operating system loads. Eclypsium security researchers Mickey Shkatov and Jesse Michael discovered vulnerabilities affecting UEFI bootloaders from third-party vendors that could be exploited to bypass the Secure Boot feature on Windows machines.
Microsoft appears to have beaten Google on the bug bounty front, with $13.7 million in rewards spread out over 335 researchers. The biggest prize awarded by Microsoft was $200,000 under the Hyper-V Bounty Program and the average award was $12,000.
Microsoft is investigating customer reports of a known issue causing Outlook for Microsoft 365 to freeze and crash right after opening. According to a new support document published by Redmond on Thursday, these Outlook desktop client crashes will be automatically logged and can be confirmed by checking the Windows Event Viewer Application Log for Event 1000 or Event 1001.
Microsoft has pulled the Microsoft 365 version 2206 update after users reported that their Office applications are crashing when viewing a contact card or hovering over a user's name or photo. "Just upgraded to Office 2206 in Monthly Enterprise Channel and whenever you move the cursor over the picture or icon of the sender of an email, outlook immediately crashes," explained a Microsoft 365 user on the Microsoft Answers forum.
Instead of thinking about lists of devices, databases, servers and other assets, you can get better defenses by looking at your inventory from the outside in, the way an attacker would, thinking about what security weaknesses your assets have, what they're connected to and what would be exposed if they were compromised. "We need to help security teams and defenders of all kinds change the game in how they think about what attackers are doing. How do we think the way that attackers do, and how can we look at our own organizations the way that an attacker would see them?"
As many as 121 new security flaws were patched by Microsoft as part of its Patch Tuesday updates for the month of August, which also include a fix for a Support Diagnostic Tool vulnerability that the company said is being actively exploited in the wild. It's worth noting that the 121 security flaws are in addition to 25 shortcomings the tech giant addressed in its Chromium-based Edge browser late last month and the previous week.
A new large-scale phishing campaign targeting Coinbase, MetaMask, Kraken, and Gemini users is abusing Google Sites and Microsoft Azure Web App to create fraudulent sites. Posting links to phishing pages on various legitimate sites aims to increase traffic and boost the malicious site's search engine rankings.