Security News

The Microsoft Exchange admin portal is currently inaccessible from some browsers after Microsoft forgot to renew the SSL certificate for the website. Starting at 8 AM EST today, Microsoft Exchange admins who attempted to access the admin portal at admin.

Microsoft has released the first Windows 10 build without the Internet Explorer web browser to Windows Insiders in the Dev Channel. As Microsoft announced on Wednesday, Internet Explorer 11 will be permanently retired from several Windows 10 versions and editions, and replaced with the Chromium-based Microsoft Edge in June 2022.

Microsoft this week announced the availability of SimuLand, an open source tool that enables security researchers to reproduce attack techniques in lab environments. The purpose of SimuLand, Microsoft says, is to help understand the behavior and functionality of threat actors' tradecraft, to find mitigations and validate existing detection capabilities, and to identify and share data sources relevant to adversary detection.

Microsoft on Thursday warned of a "Massive email campaign" that's pushing a Java-based STRRAT malware to steal confidential data from infected systems while disguising itself as a ransomware infection. The new wave of attacks, which the company spotted last week, commences with spam emails sent from compromised email accounts with "Outgoing Payments" in the subject line, luring the recipients into opening malicious PDF documents that claim to be remittances, but in reality, connect to a rogue domain to download the STRRAT malware.

ServiceNow announced new strategic Security Operations-focused integrations with Microsoft, extending the two companies existing partnership. According to Gartner, "The threat and attack surface that Security Operations must address continues to grow as businesses expand their use of cloud services like SaaS and cloud infrastructure and platform services, as OT/industrial control system environments become more connected, and as workers are more distributed." With one platform, one data model, and one architecture, the Now Platform is breaking down silos created by solutions that weren't designed to work together, and the new Security Operations integrations with Microsoft take this a step further.

Microsoft has released SimuLand, an open-source lab environment to help test and improve Microsoft 365 Defender, Azure Defender, and Azure Sentinel defenses against real attack scenarios. SimuLand test labs "Provide use cases from a variety of data sources including telemetry from Microsoft 365 Defender security products, Azure Defender, and other integrated data sources through Azure Sentinel data connectors," MSTIC Threat Researcher Roberto Rodriguez said.

A massive malware campaign pushed the Java-based STRRAT remote access trojan, known for its data theft capabilities and the ability to fake ransomware attacks. In a series of tweets, the Microsoft Security Intelligence team outlined how this "Massive email campaign" spread the fake ransomware payloads using compromised email accounts.

Threat actors are cashing in on the rapid shift to cloud-based business services during the pandemic, by hiding behind ubiquitous, trusted services from Microsoft and Google to make their email phishing scams look legit. In the first three months of 2021 alone, researchers found 7 million malicious emails sent from Microsoft 365 and a staggering 45 million sent from Google's infrastructure, Proofpoint reported, adding that cybercriminals have used Office 365, Azure, OneDrive, SharePoint, G-Suite and Firebase storage to send phishing emails and host attacks.

A recent Windows 10 1909 cumulative update prevents Microsoft 365 desktop users from logging into Microsoft Teams, Microsoft Outlook, and Microsoft OneDrive for Business. This issue is caused by the Windows 10 1909 KB5003169 cumulative update released last week as part of the May 2021 Patch Tuesday updates.

Microsoft is finally retiring Internet Explorer 11 from some Windows 10 versions and replacing it with the Chromium-based Microsoft Edge. "Microsoft Edge has Internet Explorer mode built in, so you can access those legacy Internet Explorer-based websites and applications straight from Microsoft Edge," said Sean Lyndersay, Microsoft Edge Partner Group Program Manager.