Security News

Threat actors are abusing the Microsoft Build Engine to deploy remote access tools and information-stealing malware filelessly as part of an ongoing campaign. This development tool can build apps on any Windows system if provided with an XML schema project file telling it how to automate the build process.

Threat actors are abusing the Microsoft Build Engine to deploy remote access tools and information-stealing malware filelessly as part of an ongoing campaign. This development tool can build apps on any Windows system if provided with an XML schema project file telling it how to automate the build process.

Organizations in the aerospace and travel sectors have been targeted in the past months in a campaign aimed at infecting victims with remote access Trojans and other types of malware, Microsoft warns. The attacks start with spear-phishing messages that employ lures relevant to the targeted organizations, such as aviation, travel, and cargo, and deliver an image that pretends to be a PDF file and which contains an embedded link.

Additional insights 93% of organizations who use Microsoft 365 report suffering negative impacts following an email data breach, compared to 84% of organizations who do not use Microsoft 365. 15% of organizations using Microsoft 365 have suffered over 500 data breaches in the last year, compared to just 4% of organizations not using it.

Multiple editions of Windows 10 versions 1803, 1809, and 1909 have reached their End of Service on this month's Patch Tuesday, as Microsoft reminded customers yesterday. While usually, Redmond advises users of end of service products to upgrade as soon as possible to the latest available versions to keep their systems secure, the company also automatically rolls out feature updates to some out-of-date devices reaching EoS. "Windows Update will automatically initiate a feature update for Windows 10 consumer devices and non-managed business devices that are at, or within several months of reaching end of servicing," Microsoft said.

Multiple editions of Windows 10 versions 1803, 1809, and 1909 have reached their End of Service on this month's Patch Tuesday, as Microsoft reminded customers yesterday. While usually, Redmond advises users of end of service products to upgrade as soon as possible to the latest available versions to keep their systems secure, the company also automatically rolls out feature updates to some out-of-date devices reaching EoS. "Windows Update will automatically initiate a feature update for Windows 10 consumer devices and non-managed business devices that are at, or within several months of reaching end of servicing," Microsoft said.

Microsoft has resolved a known issue preventing managed devices from receiving the May 2021 Patch Tuesday Windows security updates. "When checking for updates within Windows Server Update Services or Microsoft Endpoint Configuration Manager and managed devices that connect to these servers," this month's security updates "Might not be available or offered," as Microsoft explained on the Windows Health Dashboard.

Microsoft warns of an ongoing spear-phishing campaign targeting aerospace and travel organizations with multiple remote access trojans deployed using a new and stealthy malware loader. "In the past few months, Microsoft has been tracking a dynamic campaign targeting the aerospace and travel sectors with spear-phishing emails that distribute an actively developed loader, which then delivers RevengeRAT or AsyncRAT," Microsoft said.

Microsoft has launched a new open-source project that aims to add to Windows the benefits of eBPF, a technology first implemented in Linux that allows attaching programs in both kernel and user applications. Microsoft's effort builds on the work of the eBPF community by adding a compatibility layer that turns existing eBPF open-source projects into submodules that can work on top of Windows 10 and Windows Server 2016 and later.

On Wednesday, software company Egress released a report titled "Outbound email: Microsoft 365's security blind spot" highlighting email data breaches and IT frustrations during the coronavirus pandemic. "We can't ignore the risk of email data loss from Microsoft 365 and the limitations of static DLP solutions to mitigate the outbound email security risks that organizations face today."