Security News

Microsoft warns that the Russian APT28 threat group exploits a Windows Print Spooler vulnerability to escalate privileges and steal credentials and data using a previously unknown hacking tool called GooseEgg. APT28 has been using this tool to exploit the CVE-2022-38028 vulnerability "Since at least June 2020 and possibly as early as April 2019.".

Microsoft warns that the Russian APT28 threat group exploits a Windows Print Spooler vulnerability to escalate privileges and steal credentials and data using a previously unknown hacking tool called GooseEgg. APT28 designed this tool to target the CVE-2022-38028 vulnerability reported by the U.S. National Security Agency, which Redmond fixed during the Microsoft October 2022 Patch Tuesday.

Microsoft has revealed that North Korea-linked state-sponsored cyber actors has begun to use artificial intelligence (AI) to make its operations more effective and efficient. "They are learning to...

A GitHub flaw, or possibly a design decision, is being abused by threat actors to distribute malware using URLs associated with a Microsoft repository, making the files appear trustworthy. While most of the malware activity has been based around the Microsoft GitHub URLs, this "Flaw" could be abused with any public repository on GitHub, allowing threat actors to create very convincing lures.

A preview of Microsoft Office LTSC 2024, a volume-licensed and perpetual version of Office for commercial customers, is now available for Windows and macOS users. Office LTSC 2024 for commercial preview, Visio 2024 preview, and Project 2024 preview.

Microsoft says the new Copilot app, mistakenly added to the list of installed Windows apps by recent Edge updates, doesn't collect or relay data to its servers. For this reason, they were surprised to see a new 8KB Microsoft Copilot app added to the list of installed programs on live production builds of Windows Server 2022.

Microsoft says the new Copilot app, added by recent Edge updates to the list of installed Windows apps, doesn't collect or relay data to its servers. "Updates to Edge browser version 123.0.2420.65, released on March 28, 2024 and later, might incorrectly install a new package called 'Microsoft chat provider for Copilot in Windows' on Windows devices. Resulting from this, the Microsoft Copilot app might appear in the Installed apps in Settings menu," Redmond said.

Microsoft has announced plans to fight spam by imposing a daily Exchange Online bulk email limit of 2,000 external recipients starting January 2025.Exchange Online doesn't support sending bulk or high volumes of emails from a single account, and until now, Microsoft has not placed any restrictions on bulk emails.

Microsoft has finally lifted a compatibility hold blocking Windows 10 users from updating to Windows 11 on systems with Intel Smart Sound Technology audio drivers and Intel 11th Gen Core processors. The company first acknowledged in November 2021 that some Intel audio drivers were triggering blue screens back on Windows 11 21H2 devices when it also added safeguard holds blocking Windows 11 upgrades from being offered to customers on affected systems.

Palo Alto Networks firewalls under attack, hotfixes incoming!Attackers are exploiting a command injection vulnerability affecting Palo Alto Networks' firewalls, the company has warned, and urged customers to implement temporary mitigations and get in touch to check whether their devices have been compromised. It can handle almost anything, and someone once called it the kitchen sink of PKI. Microsoft patches two actively exploited zero-daysOn this April 2024 Patch Tuesday, Microsoft has fixed a record 147 CVE-numbered vulnerabilities, including CVE-2024-29988, a vulnerability that Microsoft hasn't marked as exploited, but Peter Girnus, senior threat researcher with Trend Micro's Zero Day Initiative, has found being leveraged by attackers in the wild.