Security News

Microsoft OneNote Used To Sidestep Phishing Detection
2020-03-04 17:48

A phishing campaign was recently discovered leveraging OneNote, Microsoft's digital notebook that automatically saves and syncs notes, to bypass detection tools and download malware onto victims' systems. The attacker was utilizing OneNote as a way to easily experiment with various lures that either delivered the credential-stealing Agent Tesla keylogger or linked to a phishing page - or both.

Blue Cedar and Microsoft enable Intune users to connect from managed mobile apps to data sources
2020-03-02 00:30

It enables Intune users to connect from managed mobile apps to data sources of their choice via a micro VPN. The growth in demand for, and usage of, enterprise mobile applications is undeniable, with the enterprise mobile application development market expected to grow at a CAGR of 15.65% by 2025. Enterprises continue to struggle with secure access from the managed mobile apps to their sensitive data, stored on premises or in their private clouds, that increasingly power critical business outcomes, and with cost-effectively driving end-user adoption of mobile apps.

Microsoft Boosts PUA Protections in Edge
2020-02-28 16:03

Beginning with version 80.0.338.0, Microsoft Edge will include a new feature designed to block downloads that may contain PUAs, preventing those apps from reaching the user's computer. PUA blocking, Microsoft says, requires Microsoft Defender SmartScreen to be enabled.

Former Microsoft Engineer Convicted of Insider Fraud
2020-02-27 19:48

A former Microsoft software engineer was convicted this week on 18 federal criminal charges tied to stealing more than $10 million through the company's online retail platform, according to the U.S. Department of Justice. Volodymyr Kvashuk, a Ukrainian resident who first worked as a contractor and then as a full-time engineer at Microsoft from 2016 to 2018, was found guilty on five counts of wire fraud, six counts of money laundering, two counts of aggravated identity theft, two counts of filing false tax returns, and one count each of mail fraud, access device fraud and access to a protected computer in furtherance of fraud, according to the U.S. Attorney's Office for the Western District of Washington, which oversaw the case.

How one man could have flooded your phone with Microsoft spam
2020-02-27 15:17

Microsoft has a neat web page that helps you get Outlook set up on your phone. Just like Italian security researcher Luca Epifanio, our first thought was, "What if someone decides to put in someone else's phone number and then spam them over and over and over again?"

Attackers probing for vulnerable Microsoft Exchange Servers, is yours one of them?
2020-02-26 13:37

CVE-2020-0688, a remote code execution bug in Microsoft Exchange Server that was squashed by Microsoft in early February, is ripe for exploitation and could become a vector for ransomware groups in coming months, warns cybersecurity researcher Kevin Beaumont. Organizations running on-premises Exchange - any supported version up until the recent patch - would do well to patch as soon as possible, as scanning for vulnerable internet-facing servers has already begun.

Microsoft uses its expertise in malware to help with fileless attack detection on Linux
2020-02-25 12:30

Hey, Linux fans! Microsoft has got your back over fileless threats. A fileless attack tends to hit via a software vulnerability, inject a stinky payload into an otherwise fragrant system process and then lurk in memory.

Google rolls out Titan keys to Europe, Japan. Plus: Group Policy bug is a feature, not a flaw, says Microsoft
2020-02-24 06:08

Bug disclosure service HackerOne was in the rare position of publicizing one of its own security holes this week after a researcher discovered a flaw that was exposing some user email addresses. Tenable says Microsoft won't fix Group Policy bug.

BlueVoyant offers managed detection and response for Microsoft Defender Advanced Threat Protection
2020-02-24 01:30

BlueVoyant, a global analytics-driven cybersecurity firm, announced the availability of its Managed Detection and Response Service for Microsoft Defender Advanced Threat Protection, a unified next-generation anti-virus and endpoint detection and response platform. "The addition of Microsoft Defender Advanced Threat Protection to BlueVoyant's 100% cloud-based technology portfolio furthers BlueVoyant's goal of bringing best-of-breed technologies and services to companies of all sizes," said Jim Rosenthal, CEO of BlueVoyant.

CyberMDX completes integration certification for the Microsoft Azure Security Center for IoT
2020-02-24 00:30

CyberMDX, a leading provider of medical cyber security solutions, delivering asset visibility and threat prevention for medical devices and clinical assets, announced that it has completed integration certification for the Microsoft Azure Security Center for IoT. By integrating CyberMDX visibility and detection capabilities with Microsoft Azure Security Center for IoT, healthcare organizations are equipped with cross-cloud and device visibility, classification and incident response capabilities. Azure Security Center for IoT provides adaptive threat prevention, and intelligent threat detection and response across workloads running on-premises, on edge, and in Azure.