Security News

Microsoft shared a workaround for Outlook Desktop blocking attempts to open IP address or fully qualified domain name hyperlinks after installing this month's security updates. "Outlook blocks opening FQDN and IP address hyperlinks after installing protections for Microsoft Outlook Security Feature Bypass Vulnerability released July 11, 2023," the company says.

Microsoft is further enhancing the Windows 11 Enhanced Phishing Protection by testing a new feature that warns users when they copy and paste their Windows password into websites and documents. With the release of Windows 11 22H2, Microsoft introduced a new security feature called Enhanced Phishing protection, designed to protect your Windows and Active Directory domain credentials from being obtained by threat actors.

Microsoft will retire the Windows Mail and Calendar applications on Windows 10 and Windows 11 at the end of the year, first auto-migrating users to the new Outlook for Windows app in August. Initially developed for Windows 10, Windows Mail and Calendar are built-in Windows applications that provide an easy-to-use application for retrieving your email and scheduling events, tasks, and appointments.

A stolen Microsoft security key may have allowed Beijing-backed spies to break into a lot more than just Outlook and Exchange Online email accounts. Microsoft still, to the best of our knowledge, does not know how this incredibly powerful private signing key was obtained, and has revoked that key.

The Microsoft consumer signing key stolen by Storm-0558 Chinese hackers provided them with access far beyond the Exchange Online and Outlook.com accounts that Redmond said were compromised, according to Wiz security researchers. While Microsoft said that only Exchange Online and Outlook were impacted, Wiz says the threat actors could use the compromised Microsoft consumer signing key to impersonate any account within any impacted customer or cloud-based Microsoft application.

The Microsoft private encryption key stolen by Storm-0558 Chinese hackers provided them with access far beyond the Exchange Online and Outlook.com accounts that Redmond said were compromised, according to Wiz security researchers. While Microsoft said that only Exchange Online and Outlook were impacted, Wiz says the threat actors could use the compromised Azure AD private key to impersonate any account within any impacted customer or cloud-based Microsoft application.

According to cloud security company Wiz, the inactive Microsoft account consumer signing key used to forge Azure Active Directory tokens to gain illicit access to Outlook Web Access and Outlook.com could also have allowed the adversary to forge access tokens for various types of Azure AD applications. Wiz's analysis fills in some of the blanks, with the company discovering that "All Azure personal account v2.0 applications depend on a list of 8 public keys, and all Azure multi-tenant v2.0 applications with Microsoft account enabled depend on a list of 7 public keys."

Microsoft announced on Wednesday it would provide all customers free access to cloud security logs - a service usually reserved for premium clients - within weeks of a reveal that government officials' cloud-based emails were targets of an alleged China-based hack. Microsoft wrote on its blog it was expanding the service's access beginning in September 2023 to "Increase the secure-by-default baseline" of its cloud platforms "In response to the increasing frequency and evolution of nation-state cyber threats."

Turla has been targeting defense sector organizations in Ukraine and Eastern Europe with DeliveryCheck and Kazuar backdoors / infostealers and has been using compromised Microsoft Exchange servers to control them. Turla APT. Turla is a sophisticated and persistent APT group that has been active for over 10 years and is believed to be sponsored by the Russian state.

Starting in September 2023, more federal government and commercial Microsoft customers will have access to expanded cloud logging capabilities at no additional charge, Microsoft and the Cybersecurity and Infrastructure Security Agency have announced on Wednesday. Extended cloud logging defaults for lower-tier Microsoft customers.