Security News

Around 12% of the 45,000 or so Microsoft Exchange servers in Germany that can be accessed from the Internet without restrictions "Are so outdated that security updates are no longer offered for them," the German Federal Office for Information Security has warned today. The BSI worries about attackers breaching those servers by exploiting CVE-2024-21410, a critical elevation of privilege bug that allows attackers to learn a targeted user's NTLM credentials and "Relay" them to authenticate themselves to a vulnerable Exchange Server as the user.

Cybercriminals have been increasingly using a new phishing-as-a-service platform named 'Tycoon 2FA' to target Microsoft 365 and Gmail accounts and bypass two-factor authentication protection. Tycoon 2FA attacks involve a multi-step process where the threat actor steals session cookies by using a reverse proxy server hosting the phishing web page, which intercepts the victim's input and relays them to the legitimate service.

In January 2024, Microsoft discovered they’d been the victim of a hack orchestrated by Russian-state hackers Midnight Blizzard (sometimes known as Nobelium). The concerning detail about this case...

ALSO: Viasat hack wiper malware is back, users are the number one cause of data loss, and critical vulns Infosec in brief If your Windows domain controllers have been crashing since a security...

Microsoft plans to limit access to over fifty cloud products for Russian organizations by the end of March as part of the sanctions requirements against the country issued by EU regulators last December. "After March 20, 2024, you will not be able to access those Microsoft products or services, or any data stored in them." - Microsoft.

Microsoft has released emergency out-of-band updates to fix a known issue causing Windows domain controllers to crash after installing the March 2024 Windows Server security updates. If you installed previous Windows Server updates, only the new updates in these packages will be downloaded and installed.

Microsoft Authenticator utilizes push notifications, one-time passcodes and can integrate with Microsoft 365 and Microsoft Entra ID. While both 2FA options share some similarities, there are key differences that can sway your decision to choose one over the other. Microsoft Authenticator is free and comes bundled with all Microsoft Entra ID and 365 Business accounts.

Microsoft is the subject of growing criticism in the US over allegations that its Bing search engine censors results for users in China that relate to sensitive subjects the state wants blocked. Republican Senator Marco Rubio has added his voice to criticism of the Redmond software giant for reportedly removing search results from Bing on human rights, democracy, climate change, and other sticky issues within China.

Microsoft confirmed that a memory leak introduced with the March 2024 Windows Server security updates is behind a widespread issue causing Windows domain controllers to crash. The known issue impacts all domain controller servers with the latest Windows Server 2012 R2, 2016, 2019, and 2022 updates.

As the digital wolves dress in sheep's tax forms, Microsoft has thrown a spotlight on a crafty 2024 phishing expedition, unraveled in January, that preys on the unsuspecting herd of early tax filers. The malicious email campaign, purporting to be employees' tax returns, contained an attachment that, when clicked, directs the user to a phony website that looks like a blurred spreadsheet, with a download documents button marked "Confidentials to users[dot]name[at] contoso[dot]com."