Security News

Microsoft Reports Evolution of China-Linked Threat Actor GADOLINIUM. Microsoft this week announced that it recently removed 18 Azure Active Directory applications that were being abused by China-linked state-sponsored threat actor GADOLINIUM. Also known as APT40, TEMP.Periscope, TEMP.Jumper, Leviathan, BRONZE MOHAWK, and Kryptonite Panda, the adversary has been active since at least 2013, mainly operating in support of China's naval modernization efforts, through targeting various engineering and maritime entities, including a U.K.-based company. The threat actor was recently observed leveraging Azure cloud services and open source tools in attacks employing spear-phishing emails with malicious attachments.

Microsoft's long-lived operating system Windows XP-that still powers over 1% of all laptops and desktop computers worldwide-has had its source code leaked online, allegedly, along with Windows Server 2003. The source code for Microsoft's 19-year-old operating system was published as a torrent file on notorious bulletin board website 4chan, and it's for the very first time when source code for Microsoft's operating system has been leaked to the public.

The source code for Windows XP and other elderly Microsoft operating systems appears to have leaked online as the mega-corp's Ignite developer shindig came to an end. The source of the alleged code leak is unclear; a torrent for the archive popped up on internet armpit 4chan and contains what appears to be Windows XP Service Pack 1, as well as some other past-their-sell-by-date flavours of Microsoft's greatest hits.

An APT group has started heavily relying on cloud services like Azure Active Directory and OneDrive, as well as open-source tools, to obfuscate its attacks. Microsoft has suspended 18 Azure Active Directory applications that were being leveraged for command-and-control infrastructure by what it says is a Chinese nation-state actor.

The rather concerning design flaw in Microsoft's netlogon protocol is being exploited in the wild by miscreants, the Windows giant's security team has warned. Microsoft is actively tracking threat actor activity using exploits for the CVE-2020-1472 Netlogon EoP vulnerability, dubbed Zerologon.

Microsoft warned on Wednesday that malicious hackers are exploiting a particularly dangerous flaw in Windows Server systems that could be used to give attackers the keys to the kingdom inside a vulnerable corporate network. "We have observed attacks where public exploits have been incorporated into attacker playbooks," Microsoft said.

Microsoft says it has observed threat actors actively targeting the Zerologon vulnerability affecting Windows Server. Last week, the United States Department of Homeland Security issued an Emergency Directive requiring all federal agencies to apply the available patches for the Zerologon vulnerability within days.

Evolve IP announced that it has integrated SMS business messaging and voice recording with AI speech analytics into its Microsoft Teams direct routing platform. "Microsoft Teams adoption has been astounding as employers and employees have shifted to a work anywhere mentality and selected Microsoft productivity software to keep their businesses running," said Scott Kinka, Chief Technology Officer of Evolve IP. "Evolve IP's enhanced direct routing platform for Microsoft Teams with Cisco VoIP allows employees to work wherever and whenever they want, providing seamless functionality on every device, a proven history of 99.999 percent reliability, and superior voice quality."

Jumio announced that its AI-powered identity verification solutions are now available to Microsoft Azure Active Directory External Identities for B2C customers. Azure Active Directory B2C is a customer identity access management solution.

AT&T and Microsoft are teaming up to enable enterprises to seamlessly connect machines and equipment to the cloud with highly secure network connectivity across the globe. As part of the effort, AT&T is working with Microsoft to deliver an integrated IoT solution with Azure Sphere.