Move along. There’s nothing to see here. Microsoft says just ignore any firewall errors after upgrading to Windows 11 24H2 Preview.

Following the recent rollout of the Windows 11 24H2 preview update (KB5060829), users and IT administrators have reported a surge in error messages related to Windows Firewall With Advanced Security. The issue, which manifests as recurring entries in the Event Viewer, has raised questions and concerns across the Windows community.
Hackers are increasingly leveraging PDF attachments in email-based phishing campaigns to impersonate trusted brands like Microsoft and DocuSign.

Hackers are increasingly leveraging PDF attachments in email-based phishing campaigns to impersonate trusted brands like Microsoft and DocuSign, as well as others such as NortonLifeLock, PayPal, and Geek Squad. The primary technique being used is known as callback phishing or Telephone-Oriented Attack Delivery (TOAD), where victims are persuaded to call phone numbers controlled by the attackers.
After the CrowdStrike fiasco, Microsoft is making changes to move antivirus protection out of the system kernel.

Why, oh why, would you ever allow someone else's code in your kernel, making yourself dependent on the stability of an outsider's system? But that's what Microsoft did - and they paid the price. But they're about to fix that. Microsoft is making significant changes to how security software, including antivirus and endpoint protection solutions, interacts with the Windows operating system. Following the July 2024 CrowdStrike incident—where a faulty update caused widespread system outages by affecting the Windows kernel—Microsoft has committed to reducing the risks associated with third-party security software running at the kernel level.
Energy sector is being targeted with malware that exploits Microsoft’s ClickOnce deployment on AWS cloud services.

A sophisticated hacking campaign dubbed “OneClik” is exploiting Microsoft’s ClickOnce deployment technology and AWS cloud services to stealthily target organizations in the energy, oil, and gas sectors. Attackers initiate the attack through phishing emails containing links to fake “hardware analysis” sites hosted on Azure Blob Storage. These sites deliver a ClickOnce manifest (.application file) disguised as legitimate software.
A newly discovered campaign, active since at least 2021, targeted 70 Microsoft Exchange servers worldwide using sophisticated keylogger malware.

A recent, significant cyberattack campaign has targeted over 70 Microsoft Exchange servers across 26 countries, with the aim of stealing user credentials using sophisticated keylogger malware. The attacks have been documented by cybersecurity researchers, particularly Positive Technologies, who identified two main types of keylogger code injected into the Outlook login pages of compromised servers.