How the Microsoft Incident Response team helps customers remediate threats

Each year, organizations face tens of billions of malware, phishing, and credential threats—with real-world impacts. When an attack succeeds, it can result in grave impacts on any industry. For example, it could delay a police or fire department’s response to an emergency, prevent a hospital from accessing lifesaving equipment or patient data, or shut down … Read more

CISA adds flaw in Citrix ShareFile to its Known Exploited Vulnerabilities catalog

US CISA added critical vulnerability CVE-2023-24489 in Citrix ShareFile to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added critical flaw CVE-2023-24489 (CVSS score 9.8) affecting Citrix ShareFile to its Known Exploited Vulnerabilities Catalog. Citrix ShareFile is a secure file sharing and storage platform designed for businesses and professionals to collaborate on documents, exchange … Read more

Multiple high severity vulnerabilities in CODESYS V3 SDK could lead to RCE or DoS 

Microsoft’s cyberphysical system researchers recently identified multiple high-severity vulnerabilities in the CODESYS V3 software development kit (SDK), a software development environment widely used to program and engineer programmable logic controllers (PLCs). Exploitation of the discovered vulnerabilities, which affect all versions of CODESYS V3 prior to version 3.5.19.0, could put operational technology (OT) infrastructure at risk … Read more

New Microsoft Security innovations expand multicloud visibility and enhance multiplatform protection

With more than 90 percent of organizations adopting a multicloud strategy and cloud-based cyberattacks growing 48 percent year over year, securing multicloud and hybrid environments is more important than ever. To successfully protect multicloud infrastructure—where customers are utilizing two or more cloud providers—as well as applications and data, today’s organizations need to both proactively reduce … Read more

Microsoft Purview data security mitigations for BazaCall and other human-operated data exfiltration attacks

I recently worked with an enterprise customer who experienced a data exfiltration attack using the characteristics of the BazaCall campaign. BazaCall can be both a ransomware and data exfiltration attack that are used together to increase pressure on and damage to the victim. Microsoft Purview has data security capabilities that form part of a holistic … Read more

Adopting guidance from the US National Cybersecurity Strategy to secure the Internet of Things

The recently published United States National Cybersecurity Strategy warns that many popular Internet of Things (IoT) devices are not sufficiently secure to protect against many of today’s common cybersecurity threats. The strategy also cautions that many of these IoT devices are difficult—or, in some cases, impossible—to patch or upgrade. A key development occurred on July … Read more

A massive phishing campaign using QR codes targets the energy sector

A phishing campaign employing QR codes targeted a leading energy company in the US, cybersecurity firm Cofense reported. Starting from May 2023, researchers from Cofense discovered a large-scale phishing campaign using QR codes in attacks aimed at stealing the Microsoft credentials of users from multiple industries. One of the organizations targeted by hackers is a … Read more

AI-Powered Fuzzing: Breaking the Bug Hunting Barrier

Dongge Liu, Jonathan Metzman, Oliver Chang, Google Open Source Security Team  Since 2016, OSS-Fuzz has been at the forefront of automated vulnerability discovery for open source projects. Vulnerability discovery is an important part of keeping software supply chains secure, so our team is constantly working to improve OSS-Fuzz. For the last few months, we’ve tested … Read more

Semperis aims to ensure security in Active Directory migrations, consolidation

Companies often have extended, complex Active Directory infrastructures that have been expanded over time to encompass different domains, potentially creating security issues when they move to a new AD environment. A new AD migration and consolidation offering from identity-based cybersecurity provider Semperis is designed to tackle this problem head-on, streamlining the transition process while ensuring … Read more

Report: PowerShell Gallery susceptible to typosquatting and other package-management attacks

Researchers are warning in a new report that PowerShell Gallery (PSGallery), the central repository for PowerShell modules and scripts, lacks package name and ownership protections that other popular registries such as npm put in place to prevent typosquatting attacks. Furthermore, the report found that it is possible to find and access PowerShell Gallery packages that … Read more

Incident response lessons learned from the Russian attack on Viasat

On February 24, 2022, on the eve of Russia’s invasion of Ukraine, KA-band satellite provider Viasat became the first prominent victim of Russian cyber aggression when a wiper attack turned off tens of thousands of Viasat’s government and commercial broadband customers’ modems. At this year’s Black Hat and DEF CON conferences, Viasat representatives spelled out … Read more