A UNC3944 attack highlights how threat actors can abuse legitimate cloud resources for various purposes after compromising the Azure administrator's account.
Microsoft has patched two flaws (CVE-2023-29336 and CVE-2023-24932) that have been actively exploited.
Microsoft has attributed exploitation attempts of CVE-2023-27350 and CVE-2023-27351 to a Clop ransomware affiliate.
Microsoft has patched a zero-day in the Windows Common Log File System driver that has been actively exploited.
Microsoft, Fortra, and the Health-ISAC have obtained a court order to disrupt the use of cracked copies of Cobalt Strike, which are often used in ransomware intrusions.