A Windows filetype update may have complicated cyber threat detection efforts

The use of archive files as malware delivery mechanisms is evolving, presenting challenges for Secure Email Gateways (SEGs), new research has claimed. A recent report by Cofense highlights how cybercriminals exploit various archive formats to bypass security protocols, particularly following Read More …

Attackers exploiting a patched FortiClient EMS vulnerability in the wild

During a recent incident response, Kaspersky’s GERT team identified a set of TTPs and indicators linked to an attacker that infiltrated a company’s networks by targeting a Fortinet vulnerability for which a patch was already available. This vulnerability is an Read More …

Microsoft Releases November 2024 Security Updates

Microsoft has released security updates to address 89 vulnerabilities in Microsoft products. The security updates include four critical vulnerabilities, two vulnerabilities that are under zero-day exploitation, and four vulnerabilities that are publicly disclosed. Vulnerability details CVE-2024-43451 – NTLM Hash Disclosure Read More …

Midnight Blizzard conducts large-scale spear-phishing campaign using RDP files

Since October 22, 2024, Microsoft Threat Intelligence has observed Russian threat actor Midnight Blizzard sending a series of highly targeted spear-phishing emails to individuals in government, academia, defense, non-governmental organizations, and other sectors. This activity is ongoing, and Microsoft will Read More …

Exploring CVE-2024-38227 vulnerability in Microsoft SharePoint

On September 10, Microsoft released another batch of updates addressing 79 vulnerabilities in its products. Among the patches that caught our attention were those for Microsoft SharePoint, an extensive content management system (CMS). Four out of the five SharePoint vulnerabilities Read More …

China’s three reports on Volt Typhoon prove US’ cyberattacks detectable: experts

China’s three reports on Volt Typhoon revealed the truth behind the systematic cyberattack activities of the US and demonstrated that such operations of the US are detectable, experts said. China’s National Computer Virus Emergency Response Center (CVERC) on Monday released Read More …

Microsoft Digital Defense Report 2024: Microsoft customers face more than 600 million cybercriminal and nation-state attacks every day

In the last year, the cyber threat landscape continued to become more dangerous and complex. The malign actors of the world are becoming better resourced and better prepared, with increasingly sophisticated tactics, techniques, and tools that challenge even the world’s Read More …

China again claims Volt Typhoon cyber-attack crew was invented by the US to discredit it

Chinese authorities have published another set of allegations that assert the Volt Typhoon cyber-crew is an invention of the US and its allies, and not a crew run by Beijing. Published on Monday in five languages, a document titled “Lie Read More …

Misconfigurations in Microsoft Exchange open new doors to email spoofing attacks

A new report from the Acronis Threat Research Unit has uncovered a vulnerability in Microsoft Exchange Online settings that could enable email spoofing attacks. This issue primarily affects users with a hybrid configuration of on-premises Exchange and Exchange Online, and Read More …