Microsoft

Threat actors could exploit a critical zero-day vulnerability in Windows Search to run remotely hosted malware just by automatically opening a search window with a Word document. According to theRead More →

Researchers at security firm Fortinet report detecting a fraudulent campaign based on the delivery of three pieces of fileless malware with enhanced confidential information-stealing capabilities. The malware is delivered throughRead More →

After a researcher detected a specially crafted Word file to run arbitrary PowerShell on Windows systems, Microsoft confirmed that its operating system is affected by a zero-day vulnerability tracked asRead More →

Cybersecurity specialists published a report detailing the finding of what they describe as a “design flaw” in the Fast Identity Online (FIDO) passwordless authentication system. The report, titled “Provable SecurityRead More →

Microsoft published a report detailing its researchers’ findings on payment card stealing malware, mentioning that threat actors increasingly use malicious PHP scripts to manipulate payment systems and bypass online securityRead More →

Cybersecurity specialists reported the detection of a new cyberattack method that would allow threat actors to deliver phishing emails inadvertently for security mechanisms, exploiting a key difference in the wayRead More →

Cybersecurity specialists reported the detection of a new post-exploitation framework that would allow the compromise of Microsoft Exchange servers. Identified as IceApple, this framework was developed by threat actors capableRead More →

Microsoft announced the release of several security updates to address a severe vulnerability in the Azure Synapse and Azure Data Factory pipelines whose exploitation would allow threat actors to executeRead More →