#microsoft

Backdoor.Win32.Hupigon.acio malware suffers from an unquoted service path vulnerability.

Microsoft 365 (M365), formerly called Office 365 (O365), is Microsoft's cloud strategy flagship product with major changes ahead, such as the deprecation of their legacy authentication protocols. Often stored on or saved to the device, Basic Authentication protocols rely on sending usernames and passwords with every request, increasing the risk of attackers capturing users' credentials,

Nobelium, the threat actor behind the SolarWinds compromise in December 2020, has been behind an ongoing wave of attacks that compromised 14 downstream customers of multiple cloud service providers (CSP), managed service providers (MSP), and other IT services organizations, illustrating the adversary's continuing interest in targeting the supply chain via the "compromise-one-to-compromise-many"

Manipulated Craigslist emails that abuse Microsoft OneDrive warn users that their ads contain ‘inappropriate content.”

The misbehaving Firefox add-ons were misusing an API that controls how Firefox connects to the internet.

UltimaSMS leverages at least 151 apps that have been downloaded collectively more than 10 million times, to extort money through a fake premium SMS subscription service.

Cybersecurity researchers on Friday disclosed a now-patched critical vulnerability in multiple versions of a time and billing system called BillQuick that's being actively exploited by threat actors to deploy ransomware on vulnerable systems. CVE-2021-42258, as the flaw is being tracked as, concerns an SQL-based injection attack that allows for remote code execution and was successfully

By Waqas So far, Microsoft has informed 140 companies about the new attack campaign being carried out by Nobelium 14 of which were compromised by the group. This is a post from HackRead.com Read the original post: SolarWinds hackers, Nobelium, hit cloud providers and resellers

By Waqas So far, Microsoft has informed 140 companies about the new attack campaign being carried out by Nobelium 14 of which were compromised by the group. This is a post from HackRead.com Read the original post: SolarWinds hackers, Nobelium, hit cloud providers and resellers

Microsoft says the group has attacked more than 140 service providers, and compromised 14 of them, between May and October of this year.