Security News
Microsoft is finally rolling out the new File Explorer tabbed interface with the release of Windows 11 Insider Preview Build 25136 to the Dev Channel. "To help you work across multiple locations at the same time, the title bar of File Explorer now has tabs. We'd love your feedback on which tabs features you'd like to see next," the Windows Insider team said.
Microsoft has announced a new feature for Microsoft Defender for Endpoint to help organizations prevent attackers and malware from using compromised unmanaged devices to move laterally through the network.There's a catch: the new MDE capability works only with onboarded devices running Windows 10 and later or Windows Server 2019 and later.
Major supply-chain attacks of recent years - we're talking about SolarWinds, Kaseya and Log4j to name a few - are "Just the tip of the iceberg at this point," according to Aanchal Gupta, who leads Microsoft's Security Response Center. As the head of MSRC, Gupta has a unique vantage point.
An unofficial security patch has been made available for a new Windows zero-day vulnerability in the Microsoft Support Diagnostic Tool, even as the Follina flaw continues to be exploited in the wild. The issue - referenced as DogWalk - relates to a path traversal flaw that can be exploited to stash a malicious executable file to the Windows Startup folder when a potential target opens a specially crafted ".
A suspected state-aligned threat actor has been attributed to a new set of attacks exploiting the Microsoft Office "Follina" vulnerability to target government entities in Europe and the U.S. Enterprise security firm Proofpoint said it blocked attempts at exploiting the remote code execution flaw, which is being tracked CVE-2022-30190. The payload, which manifests in the form of a PowerShell script, is Base64-encoded and functions as a downloader to retrieve a second PowerShell script from a remote server named "Seller-notification[.]live."
Microsoft has obtained a court order to seize 41 domains used by what the Windows giant said was an Iranian cybercrime group that ran a spear-phishing operation targeting organizations in the US, Middle East, and India. The Microsoft Digital Crimes Unit said the gang, dubbed Bohrium, took a particular interest in those working in technology, transportation, government, and education sectors: its members would pretend to be job recruiters to lure marks into running malware on their PCs. "Bohrium actors create fake social media profiles, often posing as recruiters," said Amy Hogan-Burney, GM of Microsoft's Digital Crimes Unit.
Microsoft has fixed a bug where the Microsoft Rewards accounts of customers who redeemed points would get suspended without warning. The bug was addressed following a stream of user reports worldwide saying that they received messages their accounts got banned after redeeming points earned via Microsoft Rewards.
Microsoft's Digital Crimes Unit last week disclosed that it had taken legal proceedings against an Iranian threat actor dubbed Bohrium in connection with a spear-phishing operation. "Bohrium actors create fake social media profiles, often posing as recruiters," Amy Hogan-Burney of the DCU said in a tweet.
Microsoft said this week that Windows Autopatch, a service to automatically keep Windows and Microsoft 365 software up to date in enterprise environments, has now reached public preview.Windows Autopatch automatically manages the deployment of Windows 10 and Windows 11 quality and feature updates, drivers, firmware, and Microsoft 365 Apps for enterprise updates.
Microsoft on Thursday said it took steps to disable malicious activity stemming from abuse of OneDrive by a previously undocumented threat actor it tracks under the chemical element-themed moniker Polonium. In addition to removing the offending accounts created by the Lebanon-based activity group, the tech giant's Threat Intelligence Center said it suspended over 20 malicious OneDrive applications created and that it notified affected organizations.