Security News

A clever, new phishing technique uses Microsoft Edge WebView2 applications to steal victim's authentication cookies, allowing threat actors to bypass multi-factor authentication when logging into stolen accounts. D0x has created a new phishing method that uses Microsoft Edge WebView2 applications to easily steal a user's authentication cookies and log into stolen accounts, even if they are secured with MFA. Microsoft Edge WebView2 to the rescue.

Microsoft has reminded customers that the Exchange Server 2013 mail and calendaring platform will reach its extended end-of-support date roughly nine months from now, on April 11, 2021.Released in January 2013, Exchange Server 2013 entered its ninth year of service and has already reached the mainstream end date more than four years ago, on April 10, 2018.

Microsoft wants to make Edge the go-to browser for gaming, with new features unveiled today, including a new gaming portal and the public release of its Clarity boost upscaling feature when using Xbox Cloud Gaming. Those using Microsoft's Xbox Cloud Gaming service to stream games to their PCs may have noticed a difference in graphics quality compared to playing the game on the console.

The Computer Emergency Response Team of Ukraine has cautioned of a new set of spear-phishing attacks exploiting the "Follina" flaw in the Windows operating system to deploy password-stealing malware. Attributing the intrusions to a Russian nation-state group tracked as APT28, the agency said the attacks commence with a lure document titled "Nuclear Terrorism A Very Real Threat.rtf" that, when opened, exploits the recently disclosed vulnerability to download and execute a malware called CredoMap.

Microsoft said today that Russian intelligence agencies have stepped up cyberattacks against governments of countries that have allied themselves with Ukraine after Russia's invasion. Since the start of the war, threat actors linked to several Russian intelligence services have attempted to breach entities in dozens of countries worldwide, prioritizing governments, according to Microsoft Threat Intelligence Center analysts.

Microsoft says support for Windows Subsystem for Linux distros can now be added to any machine running Windows Server 2022 by installing this month's Patch Tuesday updates. "You can now use Windows Subsystem for Linux 2 type distros on Windows Server 2022," Loewen said.

An advanced persistent threat group, dubbed ToddyCat, is believed behind a series of attacks targeting Microsoft Exchange servers of high-profile government and military installations in Asia and Europe. "The first wave of attacks exclusively targeted Microsoft Exchange Servers, which were compromised with Samurai, a sophisticated passive backdoor that usually works on ports 80 and 443," wrote Giampaolo Dedola security researcher at Kaspersky, in a report outlining the APT. Researchers said ToddyCat a is relatively new APT and there is "Little information about this actor."

Microsoft has revealed that this week's Microsoft 365 worldwide outage was caused by an infrastructure power outage that led to traffic management servicing failovers in multiple regions. Starting on Monday, June 20, at 11:00 PM UTC, customers began experiencing and reporting several issues while trying to access and use Microsoft 365 services.

An ongoing outage affects multiple Microsoft 365 services, with customers worldwide reporting delays, sign-in failures, and issues accessing their accounts. The affected services include the Exchange Online hosted email platform for businesses and the Microsoft Teams communication platform, as well as SharePoint Online, the Graph API, and Universal Print.

An advanced persistent threat group dubbed ToddyCat has been targeting Microsoft Exchange servers throughout Asia and Europe for more than a year, since at least December 2020. At the time, the hacking group exploited the ProxyLogon Exchange flaws that allowed them to gain remote code execution on vulnerable servers to deploy China Chopper web shells.