Security News

Microsoft's Edge browser, known for its innovative features, is now shedding one of its most applauded functions, Web Select. Accessed either via the menu or the Control+Shift+X shortcut, Web Select provided an edge over simple screenshot tools.

Get technical details about how this new attack campaign is delivered via Microsoft Teams and how to protect your company from this loader malware. A new report from global cybersecurity company Truesec reveals a new attack campaign leveraging Microsoft Teams to infect companies' users.

A set of memory corruption flaws have been discovered in the ncurses programming library that could be exploited by threat actors to run malicious code on vulnerable Linux and macOS systems. "Using environment variable poisoning, attackers could chain these vulnerabilities to elevate privileges and run code in the targeted program's context or perform other malicious actions," Microsoft Threat Intelligence researchers Jonathan Bar Or, Emanuele Cozzi, and Michael Pearse said in a technical report published today.

Microsoft is investigating an ongoing outage preventing customers from sending or receiving messages using the company's Microsoft Teams communication platform. Microsoft confirmed the outage in a tweet published via its official Microsoft 365 status account, saying that more details can be found under TM675041 in the admin center.

Microsoft is warning of a new phishing campaign undertaken by an initial access broker that involves using Teams messages as lures to infiltrate corporate networks. "Beginning in July 2023, Storm-0324 was observed distributing payloads using an open-source tool to send phishing lures through Microsoft Teams chats," the company said, adding the development marks a shift from using email-based initial infection vectors for initial access.

A threat actor known for providing ransomware gangs with initial access to enterprise systems has been phishing employees via Microsoft Teams. Storm-0324 is a temporary name assigned by Microsoft to this particular threat actor and shows that the company has yet to reach high confidence about the origin or identity of the actor behind the operation.

Microsoft has released software fixes to remediate 59 bugs spanning its product portfolio, including two zero-day flaws that have been actively exploited by malicious cyber actors. Of the 59 vulnerabilities, five are rated Critical, 55 are rated Important, and one is rated Moderate in severity.

Microsoft emitted 59 patches for its September update batch, including two for bugs that have already been exploited. The preview pane is the attack vector for this bug, which could be exploited to allow the disclosure of NTLM password hashes, which could potentially and ultimately be used to hijack people's network accounts.

Microsoft says an initial access broker known for working with ransomware groups has recently switched to Microsoft Teams phishing attacks to breach corporate networks. "In July 2023, Storm-0324 began using phishing lures sent over Teams with malicious links leading to a malicious SharePoint-hosted file," Microsoft said on Tuesday.

September 2023 Patch Tuesday is here, with fixes for actively exploited vulnerabilities in Adobe Acrobat and Reader, Microsoft Word, and Microsoft Streaming Service Proxy. Patches for CVE-2023-36761, an information disclosure bug affecting Word, should be quickly deployed, since Microsoft Threat Intelligence detected its exploitation by attackers.