Security News

AI SPERA, a leader in Cyber Threat Intelligence-based solutions, today announced that Criminal IP ASM is now available on the Microsoft Azure Marketplace. Through this partnership, AI SPERA showcases Criminal IP ASM on the Microsoft Azure Marketplace in the security service listings.

Microsoft is investigating an issue that triggers Outlook security alerts when trying to open. ICS calendar files after installing December 2023 Patch Tuesday Office security updates.

Microsoft is bringing the Linux 'sudo' feature to Windows Server 2025, offering a new way for admins to elevate privileges for console applications.Microsoft released the first Windows Server 2025 Insider preview build last week.

Microsoft has fixed a known issue causing desktop and mobile email clients to fail to connect when using Outlook.com accounts. "For Outlook 2013 and Outlook 2016, if you are still seeing authentication prompts, please ensure you've enabled two step verification and create an app password. Use the app password in place of your normal password when Outlook prompts for authentication."

New phishing attacks abuse Microsoft Teams group chat requests to push malicious attachments that install DarkGate malware payloads on victims' systems. The attackers used what looks like a compromised Teams user to send over 1,000 malicious Teams group chat invites, according to AT&T Cybersecurity research.

Microsoft is investigating an issue that prevents Outlook and other email clients from connecting when using an Outlook.com account. "Since starting around 1/23/24 users have reported issues connecting with Outlook 2013, Outlook 2016, Outlook for Microsoft 365, Thunderbird, and mobile email apps when connecting with POP, IMAP, and Exchange connections," Microsoft says.

Microsoft is investigating a second outage affecting Microsoft Teams users across North and South America in the last three days. "We're investigating an issue in which users may be unable to access Microsoft Teams or features within North America, Canada, and Brazil," Microsoft said via the company's official Microsoft 365 status account on X. Teams users affected by these ongoing issues can find more information in an incident report tagged as TM710900 in the Microsoft 365 admin center.

Microsoft is reporting that a Russian intelligence agency-the same one responsible for SolarWinds-accessed the email system of the company's executives. Beginning in late November 2023, the threat actor used a password spray attack to compromise a legacy non-production test tenant account and gain a foothold, and then used the account's permissions to access a very small percentage of Microsoft corporate email accounts, including members of our senior leadership team and employees in our cybersecurity, legal, and other functions, and exfiltrated some emails and attached documents.

Microsoft, a week after disclosing that Kremlin-backed spies broke into its network and stole internal emails and files from its executives and staff, has now confirmed the compromised corporate account used in the genesis of the heist didn't even have multi-factor authentication enabled. On Thursday, Redmond admitted Midnight Blizzard - a Moscow-supported espionage team also known as APT29 or Cozy Bear - "Utilized password spray attacks that successfully compromised a legacy, non-production test tenant account that did not have multifactor authentication enabled."

Microsoft has released Windows Server Insider Preview 26040, the first Windows Server 2025 build for admins enrolled in its Windows Insider program. This build is the first pushed for the next Windows Server Long-Term Servicing Channel Preview, which comes with both the Desktop Experience and Server Core installation options for Datacenter and Standard editions, Annual Channel for Container Host and Azure Edition.