SEARCH
Archive
Russian Threat Actor Leverages Microsoft Teams in Phishing Attacks
Researchers with Microsoft on Wednesday said that the threat actor has used a “highly targeted” social engineering attack to hit 40 global organizations.
Microsoft: China-Based Hackers Accessed U.S. Government Emails
The threat group used forged authentication tokens - with an acquired Microsoft account consumer signing key - to access the email accounts of more than two dozen organizations.
Microsoft Warns of Unpatched Office Zero Day
The Microsoft zero-day flaw (CVE-2023-36884) is being leveraged by a Russian-based cybercriminal group in phishing emails sent to defense and government entities in Europe and North America.
RedDriver Abuses Windows Driver Policy Loophole
An undocumented malicious driver called RedDriver uses an open-source tool to forge signature timestamps, as a way to bypass Microsoft’s Windows driver signature enforcement policies.
Microsoft Azure Serial Console Abused in UNC3944 Attacks
An UNC3944 attack highlights how threat actors can abuse legitimate cloud resources for various purposes after compromising the Azure administrator's account.