SEARCH
Archive
IceApple Post-Exploitation Framework Deployed on Exchange Servers
Researchers have discovered a sophisticated post-exploitation framework being deployed on Microsoft Exchange servers to assist threat actors with credential harvesting and local reconnaissance.
After Microsoft Macro Malware Crackdown, Attackers Explore New Options
After Microsoft started blocking macros obtained from the internet by default, email attackers are exploring alternative techniques to distribute Emotet, Qakbot, IcedID and other payloads.
Microsoft Uncovers ‘Nimbuspwn’ Flaws in Linux Service
Microsoft researchers found a group of vulnerabilities dubbed Nimbuspwn in a Linux service named networkd-dispatcher that can lead to root privileges.
Microsoft Confirms Hack by Lapsus$ Group
Microsoft has confirmed that the Lapsus$ group gained "limited" access after the group leaked Bing, Bing Maps and Cortana source code.
Microsoft to Block Macros by Default in Office Apps
Microsoft is blocking macros by default for Office, which it hopes will make abuse by cybercriminals more difficult.