Microsoft

AI-Assisted Attacks Top Cyber Threat For Third Consecutive Quarter, Gartner Finds

Posted on by Admin
AI-Assisted Attacks Top Cyber Threat For Third Consecutive Quarter, Gartner Finds

For the third consecutive quarter, Gartner has found that cyber attacks staged using artificial intelligence are the biggest risk for enterprises. The consulting firm surveyed 286 senior risk and assurance executives from July through September, and 80% cited AI-enhanced malicious attacks as the top threat they were concerned about. This isn’t surprising, as evidence suggests AI-assisted attacks are on the rise. Other commonly cited emerging risks outlined in the report include AI-assisted misinformation, escalating political…

Read More

Midnight Blizzard Escalates Spear-Phishing Attacks

Posted on by Admin
Midnight Blizzard Escalates Spear-Phishing Attacks

Microsoft Threat Intelligence has uncovered a new attack campaign by Russian threat actor Midnight Blizzard, targeting thousands of users across over 100 organizations. The attack leverages spear-phishing emails with RDP configuration files, allowing attackers to connect to and potentially compromise the targeted systems. The attack campaign targeted thousands of users in higher education, defense, non-governmental organizations, and government agencies. Dozens of countries have been impacted, particularly in the U.K., Europe, Australia, and Japan, which is…

Read More

Microsoft: Ransomware Attacks Growing More Dangerous, Complex

Posted on by Admin
Microsoft: Ransomware Attacks Growing More Dangerous, Complex

The number of attempted ransomware attacks on Microsoft customers globally have grown dramatically in the last year, according to Microsoft’s Digital Defense report, released on Oct. 15. However, advancements in automatic attack disruption technologies have led to fewer of these attacks reaching the encryption stage. Microsoft reported 600 million cybercriminal and nation-state attacks occurring daily. While ransomware attempts increased by 2.75 times, successful attacks involving data encryption and ransom demands dropped by three-fold. The inverse…

Read More

Generative AI in Security: Risks and Mitigation Strategies

Posted on by Admin
Generative AI in Security: Risks and Mitigation Strategies

Generative AI became tech’s fiercest buzzword seemingly overnight with the release of ChatGPT. Two years later, Microsoft is using OpenAI foundation models and fielding questions from customers about how AI changes the security landscape. Siva Sundaramoorthy, senior cloud solutions security architect at Microsoft, often answers these questions. The security expert provided an overview of generative AI — including its benefits and security risks — to a crowd of cybersecurity professionals at ISC2 in Las Vegas…

Read More

Patch Tuesday: Internet Explorer Vulnerabilities Patched

Posted on by Admin
Patch Tuesday: Internet Explorer Vulnerabilities Patched

A breach in the engine behind Internet Explorer and a vulnerability in the Remote Desktop Protocol Service top the list of about 117 patches deployed in Microsoft’s monthly update. Around the same time, Apple has released a fix for macOS 15 that restores functionality to some third-party security tools. Patch Tuesday is a useful reminder for admins to ensure applications and security services are up to date. Microsoft Management Console vulnerability exploited Despite previous reports…

Read More

US, Microsoft Aim to Disrupt Russian threat actor ‘Star Blizzard’

Posted on by Admin
US, Microsoft Aim to Disrupt Russian threat actor ‘Star Blizzard’

New reports from both Microsoft’s Digital Crimes Unit and the U.S. Department of Justice expose a disruptive operation against more than 100 servers used by “Star Blizzard” — a Russian-based cyber threat actor specializing in compromising email boxes to exfiltrate sensitive content or interfere with the target’s activities. Who is Star Blizzard? Star Blizzard is also known as Seaborgium, Callisto Group, TA446, Coldriver, TAG-53 or BlueCharlie. According to various government entities around the globe, Star…

Read More

Over 5,000 Fake Microsoft Notifications Fueling Email Compromise Campaigns

Posted on by Admin
Over 5,000 Fake Microsoft Notifications Fueling Email Compromise Campaigns

Check Point’s Harmony Email & Collaboration team detected over 5,000 emails disguised as Microsoft product notifications, which could lead to email extortion, the cybersecurity company said on Oct. 2. The emails stand out for their polished appearance and the inclusion of legitimate links. The announcement comes as part of Cybersecurity Awareness Month, highlighting the ongoing risks posed by phishing attacks. Email scam campaign stands out for polished appearance The emails come from “organizational domains impersonating…

Read More

What’s Inside Microsoft’s Major Windows 11 Update?

Posted on by Admin
What’s Inside Microsoft’s Major Windows 11 Update?

Microsoft has begun rolling out its new Windows 11 update for 2024 — but it will come in phases. The update, known as version 24H2, opens the door to Microsoft’s new AI features in select PCs. The annual update also brings a new look for File Explorer, the sudo command for elevating privileges in a regular console session, new features and tools for IT teams, security updates, and more. File explorer and quick settings boast…

Read More

Microsoft Reports on Progress of Revamping Security Efforts

Posted on by Admin
Microsoft Reports on Progress of Revamping Security Efforts

On Sept. 23, Microsoft released a report detailing the progress of the Secure Future Initiative, the company-wide overhaul put in place in November 2023. The Secure Future Initiative exists to improve security in the wake of some high-profile vulnerabilities in 2023. These vulnerabilities included a breach in Microsoft Exchange Online that allowed threat actors associated with the Chinese government to access U.S. government emails in 2023. In April 2024, the U.S. Cyber Safety Review Board…

Read More

Email Attacks a Problem for National Infrastructure Companies

Posted on by Admin
Email Attacks a Problem for National Infrastructure Companies

Cyber attackers are repeatedly using malicious emails to infiltrate critical national infrastructure. Up to 80% of CNI companies experienced an email-related security breach in the last year, according to a new report from security solution provider OPSWAT. Compromising CNI, like utilities, transport, telecommunications, and now data centres, can lead to widespread disruption, making it a prime target for cyber attacks. A recent report from Malwarebytes found that the services industry is the worst affected by…

Read More
1 2 3 4 5 8