Security News

A tool that automates the delivery of malware from external attackers to target employees' Microsoft Teams inbox has been released. TeamsPhisher is a Python-based tool created by US Navy read teamer Alex Reid that allows attackers to deliver attachments to Microsoft Teams users.

Google is working on a significant design overhaul for Chrome across Windows, Mac, and Chromebook platforms. A distinct change in Chrome 2023 refresh changes how custom themes look in the browser.

This cheat sheet covers the basics of Microsoft Edge, including how to set up the browser and optimize and use key features. This cheat sheet covers the basics of Microsoft Edge, including how to set up the browser and then optimize and use its key features.

Microsoft is having a rough week with troubles including an Outlook.com bug that prevented some email users from searching their messages for several hours on Thursday, and a Teams flaw that allows people to send phishing emails and malware to other Teams users. While the Outlook.com bug borking users' email was certainly an annoying inconvenience, perhaps a bigger problem is the Teams weakness.

Microsoft is investigating an ongoing issue preventing Outlook.com users from searching their emails and triggering 401 exception errors. "Our initial review of Outlook.com server logs, in parallel with HTTP Archive format logs captured during an internal reproduction of impact, indicates 401 errors are occurring due to an exception when users attempt to perform the search," Microsoft says on the service health portal.

Microsoft is again pushing a Defender Antivirus update that fixes a known issue triggering Windows Security warnings that Local Security Authority Protection is off. Microsoft acknowledged this issue impacts Windows 11 21H2 and 22H2 systems after numerous user reports about "Local Security Authority protection is off. Your device may be vulnerable." warnings, although LSA Protection was already enabled.

A member of U.S. Navy's red team has published a tool called TeamsPhisher that leverages an unresolved security issue in Microsoft Teams to bypass restrictions for incoming files from users outside of a targeted organization, the so-called external tenants. The tool exploits a problem highlighted last month by Max Corbridge and Tom Ellson of UK-based security services company Jumpsec, who explained how an attacker could easily go around Microsoft Teams' file-sending restraints to deliver malware from an external account.

Microsoft has denied the claims of the so-called hacktivists "Anonymous Sudan" that they breached the company's servers and stole credentials for 30 million customer accounts.Yesterday, the hacktivists alleged that they had "Successfully hacked Microsoft" and "Accessed a large database containing more than 30 million Microsoft accounts, emails, and passwords."

Microsoft's Edge browser has recently enhanced its 'Edge Secure Network' feature, which now offers 5GB of data, significantly increasing from the previously offered 1GB. The Edge Secure Network uses Cloudflare's routing to encrypt your internet connection and secure your data against online threats, such as hacking attempts.Importantly, Microsoft ensures the user's Microsoft account identity is not shared with the service provider during a Secure Network connection.

Microsoft offers different Word document security solutions. Microsoft Word offers several ways to secure a document so that other people can't view or edit it.