Security News

Security researchers at Tenable discovered what they describe as a high-severity vulnerability in Azure Service Tag that could allow attackers to access customers' private data. Service Tags are groups of IP addresses for a specific Azure service used for firewall filtering and IP-based Access Control Lists when network isolation is needed to safeguard Azure resources.

Microsoft has emphasized the need for securing internet-exposed operational technology (OT) devices following a spate of cyber attacks targeting such environments since late 2023. "These repeated...

Microsoft warned customers on Thursday that the May 2024 non-security preview update for Windows 11 is causing taskbar crashes and glitches. Today, one day after this cumulative update was rolled out, Redmond added a new known issue to the KB5037853 support document confirming that Windows 11 22H2 and 23H2 users might experience taskbar issues.

Cybercriminals are distributing a malware cocktail through cracked versions of Microsoft Office promoted on torrent sites. The malware delivered to users includes remote access trojans, cryptocurrency miners, malware downloaders, proxy tools, and anti-AV programs.

It exploits the Microsoft BitLocker encryption feature to encrypt the entire local drive and remove the recovery options before shutting down the PC. ShrinkLocker was discovered by cybersecurity firm Kaspersky, and analysts have observed variants in Mexico, Indonesia and Jordan. BitLocker has been used to stage ransomware attacks in the past, but this strain has "Previously unreported features to maximise the damage of the attack," Kaspersky said in a press release.

A never-before-seen North Korean threat actor codenamed Moonstone Sleet has been attributed as behind cyber attacks targeting individuals and organizations in the software and information...

Microsoft has linked a North Korean hacking group it tracks as Moonstone Sleet to FakePenny ransomware attacks, which have led to millions of dollars in ransom demands. Unlike previous ransomware attacks coordinated by North Korean state hackers, in which victims were asked to pay $100,000, the ransom demanded by the Moonstone Sleet attackers was $6.6 million in BTC. Microsoft's assessment of this attack concluded that Moonstone Sleet's primary motivation for deploying the ransomware was financial gain.

Microsoft says the Cortana, Tips, and WordPad applications will be automatically removed on systems upgraded to the upcoming Windows 11 24H2 release. In September, Microsoft announced that it would deprecate WordPad-automatically installed on Windows systems for 28 years, since 1995, and an optional Windows feature since the Windows 10 Insider Build 19551 release in February 2020-with a future Windows update.

After over a 24-hour outage, Microsoft's Bing, Copilot, and Copilot in Windows services are back online worldwide, with no information released as to what caused the problem. ChatGPT's internet search features, which Bing powers, were also down, as confirmed by OpenAI. Microsoft shared updates throughout the day, initially stating, "We're working to find the cause of the issue. More information can be found in the admin center under CP795190."

Microsoft has released an emergency out-of-band update for Windows Server 2019 that fixes a bug causing 0x800f0982 errors when attempting to install the May 2024 Patch Tuesday security updates. "Yep, 6 Windows Server 2019 by different Costumers. All the same issue: error 0x800f0982," reported a Windows admin on Reddit.