#microsoft

Ransomware is a kind of malware used by cybercriminals to stop users from accessing their systems or files; the cybercriminals then threaten to leak, destroy or withhold sensitive information unless a ransom is paid. Ransomware attacks can target either the data held on computer systems (known as locker ransomware) or devices (crypto-ransomware). In both instances, once a ransom is paid, threat

A threat actor associated with the LockBit 3.0 ransomware-as-a-service (RaaS) operation has been observed abusing the Windows Defender command-line tool to decrypt and load Cobalt Strike payloads.  According to a report published by SentinelOne last week, the incident occurred after obtaining initial access via the Log4Shell vulnerability against an unpatched VMware Horizon Server. "Once initial

PyroCMS v3.9 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities.

Canary tokens — also known as honey tokens — force attackers to second-guess their potential good fortune when they come across user and application secrets.

Security chief counts new build system and greater intel sharing among positive legacies of watershed cyber-attack

Backdoor.Win32.Destrukor.20 malware suffers from an unauthenticated remote command execution vulnerability.

Easy Chat Server version 3.1 remote stack buffer overflow exploit.

Infosec expert Rani Osnat lays out security challenges and offers hope for organizations migrating their IT stack to the private and public cloud environments.

The Microsoft Advertising Universal Event Tracking (UET) WordPress plugin before 1.0.4 does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. Due to the nature of this plugin, well crafted XSS can also leak into the frontpage.

The exploit researcher recently rejoined Talos after starting her career with the company’s predecessor  By Jonathan Munshaw.  Lurene Grenier says state-sponsored threat actors keep her up at night, even after years of studying and following them.   She’s spent her security career warning people why this was going to be a problem.  Today if someone is compromised by a well-funded, state-sponsored actor, she is concerned but doesn’t necessarily feel sorry. After all, she’s been warning the security community about this for years.  “You think about the phrase ‘fool me once, shame on you...’ Five years ago if we had this discussion and you were hit with an attack, you’d think ‘shame on China,’” she said. “Today, if we have that discussion about why you were hit, it’s shame on us.”  Grenier has spent her career looking at state-sponsored actor trends and writing detection content to block those actors. She was one of the first of the smaller research staff at the Sourcefire Vulnerability...