Security News

The Windows Sandbox and the Microsoft Defender Application Guard now launch faster in Windows 10 after installing the Insider Preview Build 21343 for Windows Insiders in the Dev Channel. Windows Sandbox helps Windows 10 users safely run apps in an isolated desktop environment.

Microsoft has fixed a vulnerability in the PsExec utility that allows local users to gain elevated privileges on Windows devices. "This local privilege escalation allows a non-admin process to escalate to SYSTEM if PsExec is executed locally or remotely on the target machine. I was able to confirm this works from Windows 10 all the way back to XP and from my investigation, it affects PsExec v2.2 all the way back to v1.72," explained Wells.

The patching level for Microsoft Exchange Servers that are vulnerable to the ProxyLogon group of security bugs has reached 92 percent, according to Microsoft. Our work continues, but we are seeing strong momentum for on-premises Exchange Server updates: 92% of worldwide Exchange IPs are now patched or mitigated.

A phishing email campaign detailed earlier this month is expanding with the use of additional email services to hide malicious intent, according to a warning from software giant Microsoft. At the time, the researchers revealed that the adversary behind the campaign was leveraging trusted domains to ensure that phishing emails successfully bypass email protections.

A former IT consultant hacked a company in Carlsbad, California, and deleted almost all its Microsoft Office 365 accounts in an act of revenge that has brought him two years of prison time. More than 1,200 user accounts were removed in this act of sabotage, causing a complete shutdown of the company's operations for two days.

AVSystem announced integration of the Coiote IoT Device Management service with both Microsoft Azure IoT Hub and Amazon Web Services IoT Core via Lightweight M2M. Coiote is the first IoT device management platform in the industry to provide support for constrained IoT devices at scale for both cloud providers. This opens new opportunities for creating IoT services over low-power wide area network within Azure and AWS. By combining device energy savings and lower data consumption with existing cloud services, enterprises can reduce time to market and decrease costs for deploying IoT solutions and managing IoT operations.

The IoT M2M Council announced that Microsoft has joined the Council, a trade group that fosters a community of 25,000 qualified IoT users. The Microsoft Azure IoT Engineering group will use the IMC as a platform to stay in closer contact with enterprise users and product makers that are deploying IoT technology.

An ongoing phishing operation that stole an estimated 400,000 OWA and Office 365 credentials since December has now expanded to abuse new legitimate services to bypass secure email gateways. The attacks are part of multiple phishing campaigns collectively dubbed the "Compact" Campaign, active since early 2020 first detected by the WMC Global Threat Intelligence Team.

Derek Manky, Chief of Security Insights & Global Threat Alliances at Fortinet's FortiGuard Labs, gives insight into the surge in attacks against vulnerable Microsoft Exchange servers over the last week. Weeks after the disclosure around the ProxyLogon group of security bugs, exploitation attempts against unpatched Microsoft Exchange servers have skyrocketed.

Roughly 92% of all Internet-connected on-premises Microsoft Exchange servers affected by the ProxyLogon vulnerabilities are now patched and safe from attacks, Microsoft said on Monday. A total of 400,000 Internet-connected Exchange servers were impacted by the ProxyLogon vulnerabilities when Microsoft issued the initial security patches, on March 2, with over 100,000 of them still unpatched one week later, on March 9.