
Blog Series
Microsoft

Microsoft discloses espionage attempt by...
Microsoft has revealed that a China-based hacking group, dubbed Storm-0558, was behind the calculated attempt to infiltrate email systems for intelligence collection purposes. The group breached email accounts of approximately...
Microsoft urges Exchange Admins to...
Microsoft recently issued a new security advisory urging Exchange Server administrators to remove certain antivirus software exclusions that could expose systems to attacks. According to the advisory, some antivirus programs...
Microsoft to retire Support Diagnostic...
Microsoft has announced that its support diagnostic tool, MSDT, will be phased out by 2025. The Windows Diagnostic Data Viewer (DDV) application will replace the tool, which is used by...
EmojiDeploy bug allows RCE in...
Ermetic researchers discovered EmojiDeploy, a cross-site request forgery (CSRF) bug in Microsoft Azure services that could allow attackers to remotely execute code on affected systems. According to the company’s blog...
Microsoft explains Zerobot malware’s new...
The Zerobot malware discussed in this blog post is unrelated to ZeroBot.ai, a GPT-3.5-powered verbal chatbot that shares the same name, and is also unrelated to the ZeroBot Raspberry Pi Zero...
Microsoft issues update to fix...
A few days after Microsoft acknowledged problems with Kerberos authentication that affected Windows Servers with the Domain Controller role, causing domain user sign-in and Remote Desktop connections to fail, Microsoft...
Microsoft patches Windows 0-day...
Microsoft has fixed six actively exploited Windows vulnerabilities and 68 vulnerabilities in its November 2022 Patch Tuesday. Eleven of the 68 vulnerabilities fixed are classified as “critical,” allowing privilege escalation,...
Cranefly hackers exploit Microsoft IIS...
Microsoft Internet Information Services (IIS), a web server that enables hosting of websites and web applications, is being exploited by the Cranefly hacking group to deploy and control malware on...
Malware campaign exploits Microsoft vulnerability...
Cisco Talos researchers have uncovered a social engineering malware campaign that exploits a remote code execution flaw in Microsoft Office to deploy a Cobalt Strike beacon on compromised victims. The...
Hackers target Microsoft SQL servers...
Microsoft SQL servers are being targeted with FARGO ransomware, according to AhnLab Security Emergency Response Center (ASEC) researchers. MS-SQL servers are database management systems that store data for internet...
New ‘GIFShell’ Attack Technique Exploits...
A new ‘GIFShell’ attack technique exploits bugs and vulnerabilities in Microsoft Teams to abuse legitimate Microsoft infrastructure, execute malicious files, execute commands, and exfiltrate data. According to Bobby Rauch, the...