Security News

Microsoft says a Chinese-backed threat group tracked as 'Storm-0062' has been exploiting a critical privilege escalation zero-day in the Atlassian Confluence Data Center and Server since September 14, 2023. Today, Microsoft Threat Intelligence analysts shared more information about Storm-0062's involvement in CVE-2023-22515's exploitation and posted four offending IP addresses on a thread on Twitter.

In this post I'm going to focus specifically on data security and how your team can ensure a safe Copilot rollout. Microsoft relies heavily on sensitivity labels to enforce DLP policies, apply encryption, and broadly prevent data leaks.

Childs described the early years of Patch Tuesday at Microsoft being kind of a party, complete with catered breakfast and music. "Certainly a lot of large financial institutions and I imagine a lot of other organizations were part of really bringing pressure to bear to Microsoft to release it as an instance, a single time so we can plan for it, take a more measured approach and reduce a lot of the chaos that was prior to Patch Tuesday being a thing," he tells The Register.

Hackers are once again abusing LinkedIn Smart Links in phishing attacks to bypass protection measures and evade detection in attempts to steal Microsoft account credentials. Smart Links are part of LinkedIn's Sales Navigator service, used for marketing and tracking, allowing Business accounts to email content using trackable links to determine who engaged with it.

Microsoft has released its Patch Tuesday updates for October 2023, addressing a total of 103 flaws in its software, two of which have come under active exploitation in the wild. Of the 103 flaws,...

Thankfully, there are complimentary Microsoft 365 security training modules. Improve your cloud security posture with Microsoft Defender for Cloud.

Microsoft has linked the exploitation of a recently disclosed critical flaw in Atlassian Confluence Data Center and Server to a nation-state actor it tracks as Storm-0062 (aka DarkShadow or...

Patch Tuesday Microsoft on Tuesday issued more than 100 security updates to fix flaws in its products, including two bugs that are already under active attack, as well as addressing an HTTP/2 weakness that has also been exploited in the wild. CVE-2023-36563 is an information disclosure bug in Microsoft WordPad that can be exploited to steal NTLM hashes.

Microsoft warned customers this week of incorrect BitLocker drive encryption errors being shown in some managed Windows environments. The issue also only impacts environments where drive encryption is enforced for OS and fixed drives.

The Exchange Team asked admins to deploy a new and "Better" patch for a critical Microsoft Exchange Server vulnerability initially addressed in August. Tracked as CVE-2023-21709 and patched during August 2023 Patch Tuesday, the security flaw enables unauthenticated attackers to escalate privileges on unpatched Exchange servers in low-complexity attacks that don't require user interaction.