Security News
Microsoft has released Sysmon 15, converting it into a protected process and adding the new 'FileExecutableDetected' option to log when executable files are created. Users can find the complete list of directives in the Sysmon schema, which can be viewed by running the sysmon -s command at the command line.
Microsoft has addressed a known issue causing File Explorer on Windows 11 and Windows Server systems after viewing a file's effective access permissions. The known issue impacts systems running the latest Windows releases, including Windows 11 21H2/22H2 and Windows Server 2022.
Microsoft has disclosed that it's detected a spike in credential-stealing attacks conducted by the Russian state-affiliated hacker group known as Midnight Blizzard. The group, which drew worldwide attention for the SolarWinds supply chain compromise in December 2020, has continued to rely on unseen tooling in its targeted attacks aimed at foreign ministries and diplomatic entities.
Moving critical data and workloads to the cloud has significantly changed information security teams. Most don't have the resources to be successful in their cloud attack modeling, not to mention the deployment of measurable controls to defend against these evolving attacks.
Empowering Google security and networking solutions with AI: In this Help Net Security interview, Sunil Potti, GM and VP of Cloud Security at Google Cloud, talks about how new security and networking solutions powered by AI help improve security so Google customers can address their most pressing security challenges and remain ahead of an ever-changing threat landscape.
Infosecurity Europe 2023: Infosecurity Europe took place at ExCeL London from June 20-22, 2023 and Help Net Security was on site.
Bug hunters who found security holes in Google - and also responsibly disclosed details of those flaws to the Chocolate Factory - earned more than $12 million in bounty rewards in 2022, marking a record year for the corporation's Vulnerability Reward Programs in terms of payouts and number of vulnerabilities found and fixed. Avrahami found several vulnerabilities and attack paths in Google Kubernetes Engine Autopilot that would allow an attacker to escape their pod, compromise the underlying node, escalate privileges to administrator level, and then deploy backdoors to maintain this access.
Security researchers have uncovered a bug that could allow attackers to deliver malware directly into employees' Microsoft Teams inbox. "Organisations that use Microsoft Teams inherit Microsoft's default configuration which allows users from outside of their organisation to reach out to their staff members," Jumpsec researcher Max Corbridge explained.
Network and IT admins have been dealing with ongoing Microsoft 365 issues this week, reporting that some end users cannot use Microsoft Outlook or other Microsoft 365 apps. The issues started Monday, with numerous admins contacting BleepingComputer to say that some of their users are experiencing disruptive issues in Microsoft Outlook, with the program not opening, freezing after opening, seeing delays in mail delivery, or errors saying there is no valid license associated with the user.
Security researchers have found a simple way to deliver malware to an organization with Microsoft Teams, despite restrictions in the application for files from external sources. With 280 million monthly active users, Microsoft Teams has been adopted by organizations as a communication and collaboration platform, part of the Microsoft 365 cloud-based services.