Security News

This attack vector enables an attacker operating in a compromised tenant to abuse a misconfigured Cross-Tenant Synchronization configuration and gain access to other connected tenants, or to deploy a rogue CTS configuration to maintain persistence within the tenant.

Terminologies

Source tenant: Tenant from where users & groups are getting synced
Target tenant: Tenant with resources where users & groups are getting synced
Resources: Microsoft applications and non-Microsoft applications
CTS: Abbreviation to reference 'Cross Tenant Synchronization' in this document
CTA: Abbreviation to reference 'Cross Tenant Access' in this document
Compromised Account: Adversary's initial point of access

The Facilitator

The August 2023 Microsoft security updates are out, with 74 CVE-numbered bugs fixed. Intriguingly, if not confusingly, Microsoft's official bug listing page is topped by two special items dubbed Exploitation Detected.

EvilProxy is becoming one of the more popular phishing platforms to target MFA-protected accounts, with researchers seeing 120,000 phishing emails sent to over a hundred organizations to steal Microsoft 365 accounts. A new phishing campaign observed by Proofpoint since March 2023 is using the EvilProxy service to send emails that impersonate popular brands like Adobe, DocuSign, and Concur.

Microsoft has patched a total of 74 flaws in its software as part of the company's Patch Tuesday updates for August 2023, down from the voluminous 132 vulnerabilities the company fixed last month. Microsoft said that installing the latest update "Stops the attack chain" leading to the remote code execution bug.

The advisory for that flaw, ADV230003, is related to last month's CVE-2023-36884 in Microsoft Office, and as the IT giant notes, it's a "Defense in depth update." Installing the update "Stops the attack chain leading to the Windows Search security feature bypass vulnerability," we're told. Finally the XMP-Toolkit-SDK update plugs an important security hole that could lead to application denial of service.

Microsoft's Visual Studio Code code editor and development environment contains a flaw that allows malicious extensions to retrieve authentication tokens stored in Windows, Linux, and macOS credential managers. Cycode researcher Alex Ilgayev told BleepingComputer that other than the built-in GitHub and Microsoft authentication, all of the saved credentials from use of third-party extensions.

Microsoft is working on creating guidelines for red teams making sure generative AI is secure and responsible.

Microsoft today released a defense-in-depth update for Microsoft Office that prevents exploitation of a remote code execution vulnerability tracked as CVE-2023-36884 that threat actors have already leveraged in attacks. In today's Microsoft August Patch Tuesday, the update helps fix CVE-2023-36884, a security issue disclosed in July, which Microsoft did not patch at the time but provided mitigation advice.

August 2023 Patch Tuesday is here; among the 76 CVE-numbered issues fixed by Microsoft this time around is a DoS vulnerability in. There is a Microsoft Office "Defense in Depth Update" available that, according to Microsoft, stops the attack chain leading to CVE-2023-36884, a Windows Search RCE vulnerability that has been previously exploited by Russian hackers in targeted attacks.

Today is Microsoft's August 2023 Patch Tuesday, with security updates for 87 flaws, including two actively exploited and twenty-three remote code execution vulnerabilities. This month's Patch Tuesday fixes two zero-day vulnerabilities, with both exploited in attacks and one of them publicly disclosed.