Security News

Microsoft has announced it is retiring Visual Studio for Mac and that support for the latest version, 17.6, will continue for another year, until August 31, 2024. NET Core, and the support for Android and iOS app writing through Xamarin made Visual Studio for Mac a versatile choice for developers.

Threat actors are exploiting poorly secured Microsoft SQL servers to deliver Cobalt Strike and a ransomware strain called FreeWorld. "The ransomware payload of choice appears to be a newer variant of Mimic ransomware called FreeWorld."

A controversial United Nations proposal has a new foe, Microsoft, which has joined the growing number of organizations warning delegates that the draft version of the UN cybercrime treaty only succeeds in justifying state surveillance - not stopping criminals, as originally intended. "The risk is that the treaty will not be a tool for prosecuting criminals but rather a weapon that allows for intrusive data access and surveillance instruments," she wrote in a LinkedIn post.

Microsoft announced today that Exchange Server 2016 and 2019 now come with support for HTTP Strict Transport Security. Microsoft provides detailed information on configuring HSTS on Exchange Server 2016 and 2019 via PowerShell or the Internet Information Services Manager on its documentation website.

According to the report, attackers favor Microsoft because of the potential to move laterally through an organization's Microsoft environments. If 4.31% seems like a small figure, Abnormal Security CISO Mike Britton pointed out that it is still four times the impersonation volume of the second most-spoofed brand, PayPal, which was impersonated in 1.05% of the attacks Abnormal tracked.

Microsoft is warning of an increase in adversary-in-the-middle phishing techniques, which are being propagated as part of the phishing-as-a-service cybercrime model. In addition to an uptick in AiTM-capable PhaaS platforms, the tech giant noted that existing phishing services like PerSwaysion are incorporating AiTM capabilities.

Microsoft announced today that Windows Extended Protection will be enabled by default on servers running Exchange Server 2019 starting this fall after installing the 2023 H2 Cumulative Update. Extended Protection is a feature that strengthens Windows Server auth functionality to mitigate authentication relay or "Man in the middle" attacks.

Microsoft says the recent wave of blue screens impacting some Windows users is not caused by issues in its August 2023 optional updates. Microsoft first acknowledged this known issue on Wednesday, saying that affected platforms include Windows 11 22H2 and Windows 10 21H2/22H2.

Cybersecurity researchers have discovered a case of privilege escalation associated with a Microsoft Entra ID application by taking advantage of an abandoned reply URL. "An attacker could leverage this abandoned URL to redirect authorization codes to themselves, exchanging the ill-gotten authorization codes for access tokens," Secureworks Counter Threat Unit said in a technical report published last week. Reply URL, also called redirect URI, refers to the location where the authorization server sends the user once the app has been successfully authorized and granted an authorization code or access token.

PLUS: India calls for global action on AI and crypto; Vietnam seeks cybersecurity independence; China bans AI prescribing drugs Asia In Brief Taiwan-based infosec consultancy Team T5 has disputed...