by Surur
5 days
Microsoft has posted another update on the Solarwinds attack which infected 18,000 companies last year, including Microsoft’s network. This time their post is a deep dive on how the attackers worked to evade detection and sp...
by Surur
1 week
In a post on the Microsoft Security Response Centre Microsoft has warned network admins that a coming Windows Security Update will soon mean that Domain Controller enforcement mode will be enabled by default. The move is to addres...
by Surur
1 week
On the Microsoft Security and Compliance blog, Microsoft has just announced that they are switching Microsoft Defender for Endpoint from Require approval for any remediation (semi) to Remediate threats automatically (full), starti...
by Surur
2 weeks
Infosec researcher Jonas L has discovered a short string which, when it forms part of a filesystem pathway, will cause any Windows 10 hard drive to be corrupted. The short string can be delivered to the OS in a number of ways, suc...
by Surur
3 weeks
Another victim of the massive Russia-inspired Solarwinds hack has come forward, with the US Department of Justice admitting that its email servers, powered by Microsoft 365, were hacked by the exploited software. In a statement, t...
by Surur
1 month
With the recent report that hackers have been exploiting Microsoft 365 to compromise commercial and sensitive government networks, the US Department of Homeland Security’s Cybersecurity & Infrastructure Security Agency (...
by Surur
1 month
Google’s Project Zero has released proof of concept code for a high severity elevation of privilege flaw in Windows 10. The flaw involves the splwow64.exe Windows process, in that Google found a malicious process can send a ...
by Surur
1 month
Today Reuters reported that Microsoft has also been involved in the Solarwinds attack which has seen more than 18,000 companies and government institutions being infected with a backdoor which would allow hackers, likely Russian i...
by Surur
1 month
Microsoft, FireEye, and GoDaddy have taken advantage of a killswitch in the Sunburst malware distributed as part of the Solarwinds hack, which has affected more than 18,000 companies and government institutions. The infected DLL w...
by Surur
1 month
We reported yesterday on allegations that Microsoft’s Microsoft 365 platform was abused by hackers to spy on the U.S. Treasury Department. Microsoft has responded by posting a guide for admins “to find and mitigate pot...
by Surur
1 month
Reuters report that hackers have been spying on the email of the U.S. Treasury Department for months by breaching their installation of Microsoft 365. The hackers were able to defeat Microsoft’s platform’s authentication c...
