Security News

Microsoft introduces flighting for Windows Server insiders
2024-01-26 19:02

Microsoft has launched flighting for Windows Server systems enrolled in its Windows Insider open software testing program. "If you have a recent Windows Server insider build installed, you can now go to Windows Update in Settings app, and check for updates. This will bring you a newer build, as a Feature update," said Microsoft software engineer Artem Pronichkin.

Microsoft Teams outage causes connection issues, message delays
2024-01-26 17:49

Microsoft is investigating an ongoing and widespread outage impacting the users of its Teams communication platform and causing connectivity issues, login problems, and message delays."We've identified a networking issue impacting a portion of the Teams service and we're performing a failover to remediate impact. Additional information can be found under TM710344 in the admin center," tweeted the official Microsoft account for updates on Microsoft365 service incidents.

Microsoft reveals how hackers breached its Exchange Online accounts
2024-01-26 15:23

On January 12, 2024, Microsoft discovered that Russian hackers breached its systems in November 2023 and stole email from their leadership, cybersecurity, and legal teams.Microsoft now explains that the threat actors used residential proxies and "Password spraying" brute-force attacks to target a small number of accounts, with one of these accounts being a "Legacy, non-production test tenant account."

Microsoft Warns of Widening APT29 Espionage Attacks Targeting Global Orgs
2024-01-26 06:03

Microsoft on Thursday said the Russian state-sponsored threat actors responsible for a cyber attack on its systems in late November 2023 have been targeting other organizations and that it's...

Microsoft Says State-Sponsored Attackers Accessed Senior Leaders’ Emails
2024-01-25 16:58

Microsoft disclosed on Jan. 19 that a nation-state backed attack occurred beginning in November 2023 in which the Russian state-sponsored threat actor group Midnight Blizzard accessed some Microsoft corporate emails and documents through compromised email accounts. The attackers gained access in November 2023 using a legacy test tenant account.

Russian hackers breached Microsoft, HPE corporate maliboxes
2024-01-25 13:16

Cozy Bear has been busy hacking and spying on big tech companies: both Microsoft and Hewlett Packard Enterprise have recently disclosed successful attack campaigns by the Russia-affiliated APT group. Last Friday, Microsoft revealed that a threat-actor identified as Midnight Blizzard - a hacking group believed to be associated with the Russian Foreign Intelligence Service - has breached their corporate systems on January 12, 2024.

What Microsoft's latest email breach says about this IT security heavyweight
2024-01-24 11:02

Microsoft declined to answer The Register's questions about the digital heist, or its security in general. This marks the second time since 2020 the same gang of Kremlin-backed cyber spies - whom Microsoft now calls Midnight Blizzard, used to track as Nobelium, and most call Cozy Bear - has invaded Microsoft.

Microsoft: Recent updates cause Sysprep Windows validation errors
2024-01-24 10:26

Microsoft says admins are seeing 0x80073cf2 errors when using the System Preparation tool to validate Windows installations for deployment after installing recent Windows 10 updates. Sysprep helps prepare Windows client or Windows Server installations for imaging and deployment on any system by removing computer-specific information such as installed drivers and the computer security identifier.

Microsoft's Top Execs' Emails Breached in Sophisticated Russia-Linked APT Attack
2024-01-20 03:11

Microsoft on Friday revealed that it was the target of a nation-state attack on its corporate systems that resulted in the theft of emails and attachments from senior executives and other...

Russians invade Microsoft exec mail while China jabs at VMware vCenter Server
2024-01-20 00:08

A VMware security vulnerability has been exploited by Chinese cyberspies since late 2021, according to Mandiant, in what has been a busy week for nation-state espionage news. On Friday VMware confirmed CVE-2023-34048, a critical out-of-bounds write flaw in vCenter Server, was under active exploitation.