Security News

After announcing a gradual elimination of third-party printer drivers on Windows earlier this year, Microsoft has now unveiled its plan for enhancing security by introducting Windows Protected Print Mode. For years, the Windows print system has been a key target for attackers because the Windows Print Spooler service/process has high privileges that can be exploited to execute malicious files.

Microsoft announced a new Windows Protected Print Mode, introducing significant security enhancements to the Windows print system. "WPP builds on the existing IPP print stack where only Mopria certified printers are supported, and disables the ability to load third-party drivers. By doing this, we can make meaningful improvements to print security in Windows that otherwise could not happen," said Johnathan Norman, Microsoft Offensive Research & Security Engineering principal engineer manager.

Microsoft is warning of an uptick in malicious activity from an emerging threat cluster it's tracking as Storm-0539 for orchestrating gift card fraud and theft via highly sophisticated email and...

Microsoft has taken down US-based infrastructure and websites used by a cybercrime group to sell fraudulent online accounts to other crooks including Scattered Spider, the infamous social-engineering and extortion crew that hacked two Las Vegas casinos over the summer. The gang, Storm-1152, is the "Number one seller and creator of fraudulent Microsoft accounts" and has listed for sale 750 million of these, according to Amy Hogan-Burney, Microsoft's associate general counsel for cybersecurity policy and protection.

Microsoft disrupted an alleged threat actor group that built viable cybercrime-as-a-service businesses. Dubbed Storm-1152 by Microsoft, the group bilked enterprises and consumers globally out of millions of dollars.

Microsoft on Wednesday said it obtained a court order to seize infrastructure set up by a group called Storm-1152 that peddled roughly 750 million fraudulent Microsoft accounts and tools through a...

Please turn on your JavaScript for this page to function normally. Microsoft ICSpector is an open-source forensics framework that enables the analysis of industrial PLC metadata and project files.

Microsoft's Digital Crimes Unit seized multiple domains used by a Vietnam-based cybercrime group that registered over 750 million fraudulent accounts and raked in millions of dollars by selling them online to other cybercriminals. Storm-1152 is a major cybercrime-as-a-service provider and the number one seller of fraudulent Outlook accounts, as well as other illegal "Products," including an automatic CAPTCHA-solving service to bypass Microsoft's CAPTCHA challenges and register more fraudulent Microsoft email accounts.

Microsoft's Digital Crimes Unit seized multiple domains used by a Vietnam-based cybercrime group that registered over 750 million fraudulent accounts and raked in millions of dollars by selling them online to other cybercriminals. Storm-1152 is a major cybercrime-as-a-service provider and the number one seller of fraudulent Outlook accounts, as well as other illegal "Products," including an automatic CAPTCHA-solving service to bypass Microsoft's CAPTCHA challenges and register more fraudulent Microsoft email accounts.

Microsoft has warned that adversaries are using OAuth applications as an automation tool to deploy virtual machines (VMs) for cryptocurrency mining and launch phishing attacks. "Threat actors...