New Coyote banking trojan becomes first known instance of a threat actor weaponizing Windows accessibility features.

A new strain of the banking trojan known as Coyote is making headlines for exploiting a little-watched but powerful feature within the Windows operating system. Cybersecurity researchers have discovered that this malware is leveraging Microsoft’s UI Automation (UIA) framework, a tool originally designed to assist users with disabilities, to covertly harvest sensitive information and user credentials.
Microsoft SharePoint ToolShell attacks linked to Chinese-state hackers.

A major wave of cyberattacks, referred to as “ToolShell,” has recently targeted Microsoft SharePoint servers around the world. These attacks have been attributed to Chinese state-linked hackers and have affected government agencies, critical infrastructure, universities, and multinational corporations. The campaign exploited a chain of zero-day vulnerabilities in on-premises versions of Microsoft SharePoint, allowing for unauthenticated remote code execution and full system compromise.
Microsoft caught using Chinese engineers to maintain the US Department of Defense computer systems (with minimal supervision by U.S. personnel).

In a development that has sparked significant scrutiny from lawmakers and national security experts, Microsoft has acknowledged employing engineers based in China to assist in maintaining cloud computing systems used by the U.S. Department of Defense (DoD). The revelation has raised serious questions about the oversight of critical military technologies and the adequacy of the federal government’s cybersecurity protocols.
Microsoft SharePoint zero-day exploited in remote code execution attacks around the world.

Categorized as a remote code execution (RCE) flaw, this vulnerability is currently being exploited on a large scale, allowing attackers to take complete control of exposed on-premises SharePoint servers. As government agencies, educational institutions, the energy sector, and major enterprises scramble to secure their infrastructure, understanding the mechanics, impact, and mitigations for this attack has become paramount.
Microsoft issues an out-of-band security update to fix a critical issue affecting Azure VMs running Windows 11.

Microsoft has issued an out-of-band update, KB5064489, to address a critical issue affecting specific Azure Virtual Machines (VMs) running Windows 11 version 24H2. This emergency patch resolves startup failures impacting VMs with certain configuration parameters and integrates previous security updates released earlier this month.
Microsoft says, ‘Goodbye, JScript. Hello JScript9Legacy,’ replacing the long-standing legacy JavaScript engine.

Microsoft has taken a significant step toward strengthening the security architecture of Windows 11 with the adoption of the JScript9Legacy engine, replacing the long-standing legacy JScript engine. This update, introduced with Windows 11 version 24H2, is part of Microsoft’s ongoing initiative to modernize the Windows platform and mitigate vulnerabilities associated with outdated components.
It’s the end of the world as we know it – Microsoft confirms problem with Windows Update is preventing the deployment of the latest updates.

Microsoft has officially confirmed a significant issue impacting Windows Server Update Services (WSUS), the update management platform relied upon by countless organizations worldwide. This widespread problem is currently preventing WSUS servers from synchronizing with Microsoft Update, effectively blocking the deployment of the latest Windows updates across enterprise environments.