Security News

Microsoft Says State-Sponsored Attackers Accessed Senior Leaders’ Emails
2024-01-25 16:58

Microsoft disclosed on Jan. 19 that a nation-state-backed attack began in November 2023, in which the Russian state-sponsored threat actor group Midnight Blizzard accessed some Microsoft corporate emails and documents through compromised email accounts. The attackers gained access in November 2023 using a legacy test tenant account.

Russian hackers breached Microsoft, HPE corporate mailboxes
2024-01-25 13:16

Cozy Bear has been busy hacking and spying on big tech companies: both Microsoft and Hewlett Packard Enterprise have recently disclosed successful attack campaigns by the Russia-affiliated APT group. Last Friday, Microsoft revealed that a threat actor identified as Midnight Blizzard - a hacking group believed to be associated with the Russian Foreign Intelligence Service - breached their corporate systems on January 12, 2024.

What Microsoft's latest email breach says about this IT security heavyweight
2024-01-24 11:02

Microsoft declined to answer The Register's questions about the digital heist, or its security in general. This marks the second time since 2020 the same gang of Kremlin-backed cyber spies - whom Microsoft now calls Midnight Blizzard, used to track as Nobelium, and most call Cozy Bear - has invaded Microsoft.

Microsoft: Recent updates cause Sysprep Windows validation errors
2024-01-24 10:26

Microsoft says admins are seeing 0x80073cf2 errors when using the System Preparation tool to validate Windows installations for deployment after installing recent Windows 10 updates. Sysprep helps prepare Windows client or Windows Server installations for imaging and deployment on any system by removing computer-specific information such as installed drivers and the computer security identifier.

Microsoft's Top Execs' Emails Breached in Sophisticated Russia-Linked APT Attack
2024-01-20 03:11

Microsoft on Friday revealed that it was the target of a nation-state attack on its corporate systems that resulted in the theft of emails and attachments from senior executives and other...

Russians invade Microsoft exec mail while China jabs at VMware vCenter Server
2024-01-20 00:08

A VMware security vulnerability has been exploited by Chinese cyberspies since late 2021, according to Mandiant, in what has been a busy week for nation-state espionage news. On Friday VMware confirmed CVE-2023-34048, a critical out-of-bounds write flaw in vCenter Server, was under active exploitation.

Russian hackers stole Microsoft corporate emails in month-long breach
2024-01-20 00:02

Microsoft disclosed Friday night that some of its corporate email accounts were breached and data stolen by the Russian state-sponsored hacking group Midnight Blizzard. Nobelium is a Russian state-sponsored actor believed to be behind the 2020 SolarWinds supply chain attack, which also impacted Microsoft.

Microsoft tests instant access to Android photos in Windows 11
2024-01-18 19:42

Microsoft plans to provide Windows 11 users with almost instant access to photos and screenshots they've taken on their Android smartphones. The new feature "Introduces the ability to effortlessly access and edit your most recent photos and screenshots from your Android mobile device in Snipping Tool on your PC," the Windows Insider team said.

Androxgh0st Malware Botnet Steals AWS, Microsoft Credentials and More
2024-01-18 18:44

The Federal Bureau of Investigation and Cybersecurity & Infrastructure Security Agency warned in a joint advisory about a threat actor deploying a botnet that makes use of the Androxgh0st malware. The Androxgh0st malware was exposed in December 2022 by Lacework, a cloud security company.

Microsoft: Iranian hackers target researchers with new MediaPl malware
2024-01-17 20:39

Microsoft says that a subgroup of the notorious APT35 Iranian-backed state hackers is targeting high-profile employees of research organizations and universities across Europe and the United States in spearphishing attacks pushing new MediaPl backdoor malware. MediaPl is a highly sophisticated malware strain designed to compromise the security of researchers and their data. The attackers have specifically targeted individuals involved in cutting-edge research, seeking unauthorized access to sensitive information. Microsoft's dedicated security teams have dissected the malware to better understand its functionality and devise effective countermeasures.