Security News

Russian hackers stole Microsoft corporate emails in month-long breach
2024-01-20 00:02

Microsoft disclosed Friday night that some of its corporate email accounts were breached and data stolen by the Russian state-sponsored hacking group Midnight Blizzard.Nobelium is a Russian state-sponsored actor believed to be behind the 2020 SolarWinds supply chain attack, which also impacted Microsoft.

Microsoft tests instant access to Android photos in Windows 11
2024-01-18 19:42

Microsoft plans to provide Windows 11 users with almost instant access to photos and screenshots they've taken on their Android smartphones. The new feature "Introduces the ability to effortlessly access and edit your most recent photos and screenshots from your Android mobile device in Snipping Tool on your PC," the Windows Insider team said.

Androxgh0st Malware Botnet Steals AWS, Microsoft Credentials and More
2024-01-18 18:44

The Federal Bureau of Investigation and Cybersecurity & Infrastructure Security Agency warned in a joint advisory about a threat actor deploying a botnet that makes use of the Androxgh0st malware. The Androxgh0st malware was exposed in December 2022 by Lacework, a cloud security company.

Microsoft: Iranian hackers target researchers with new MediaPl malware
2024-01-17 20:39

Microsoft says that a subgroup of the notorious APT35 Iranian-backed state hackers are targeting high-profile employees of research organizations and universities across Europe and the United States in spearphishing attacks pushing new MediaPL backdoor malware. MediaPL is a highly sophisticated malware strain designed to compromise the security of researchers and their data. The attackers have specifically targeted individuals involved in cutting-edge research, seeking unauthorized access to sensitive information. Microsoft's dedicated security teams have dissected the malware to better understand its functionality and devise effective countermeasures.

FBI: Androxgh0st malware botnet steals AWS, Microsoft credentials
2024-01-16 17:34

CISA and the FBI warned today that threat actors using Androxgh0st malware are building a botnet focused on cloud credential theft and using the stolen information to deliver additional malicious payloads. "Androxgh0st is a Python-scripted malware primarily used to target.env files that contain confidential information, such as credentials for various high profile applications," the two agencies cautioned.

Microsoft working on a fix for Windows 10 0x80070643 errors
2024-01-15 19:40

Microsoft is working to fix a known issue causing 0x80070643 errors when installing the KB5034441 security update that patches the CVE-2024-20666 BitLocker vulnerability. "Devices attempting to install the January 2024 Windows Recovery Environment update might display an error related to the size of the Recovery Environment's partition. We are working on a resolution and will provide an update in an upcoming release," Microsoft says in an update to the Windows release health dashboard.

CISA: Critical Microsoft SharePoint bug now actively exploited
2024-01-12 19:24

CISA warns that attackers are now exploiting a critical Microsoft SharePoint privilege escalation vulnerability that can be chained with another critical bug for remote code execution. This Microsoft SharePoint Server exploit chain was successfully demoed by STAR Labs researcher Jang during last year's March 2023 Pwn2Own contest in Vancouver, earning a $100,000 reward.

Act Now: CISA Flags Active Exploitation of Microsoft SharePoint Vulnerability
2024-01-12 06:35

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security vulnerability impacting Microsoft SharePoint Server to its Known Exploited Vulnerabilities (KEV)...

Microsoft testing Windows 11 USB 80Gbps support, Copilot on login
2024-01-11 19:39

Microsoft is now testing support for the USB4 Version 2.0 specification in Windows 11, enabling transfer speeds of up to 80 Gbps over USB Type-C cables. USB 80Gbps is now being tested in the Windows 11 Insider Preview Build 23615, which was released today in the Dev Channel.

Microsoft shares script to update Windows 10 WinRE with BitLocker fixes
2024-01-11 18:32

Microsoft has released a PowerShell script to automate updating the Windows Recovery Environment partition in order to fix CVE-2024-20666, a vulnerability that allowed for BitLocker encryption bypass. As Microsoft explains, this happens because instead of displaying a CBS E INSUFFICIENT DISK SPACE error when the WinRE partition is not large enough, Windows Update incorrectly says the generic "0x80070643 - ERROR INSTALL FAILURE" error message instead. ?This happens because the WinRE image file deployed when installing the KB5034441 security update is too large for the recovery partition.