Microsoft Office 365 MFA targeted by ‘SessionShark’ phishing kit – Go Health Pro

Microsoft Office 365 MFA targeted by ‘SessionShark’ phishing kit – Go Health Pro

A new phishing-as-a-service (PhaaS) kit known as “SessionShark” targets Microsoft Office 365 accounts and claims to enable multi-factor authentication (MFA) bypass while evading common detection methods, SlashNext reported in a blog post Thursday.SessionShark allegedly serves as an adversary-in-the-middle (AiTM) tool that intercepts login credentials and user session tokens, the latter of which can be used … Read more

Microsoft gives update on Secure By Design – Go Health Pro

Microsoft gives update on Secure By Design – Go Health Pro

Microsoft’s internal security campaign is making strides as it works to dog food its own services into its internal security efforts.Note: “Dog Food” is not intended as a derogatory term in this case. It refers to the process in which a vendor utilizes its own products and processes internally in an effort to prove their … Read more

Alarms sound over attacks via Microsoft NTLM vulnerability – Go Health Pro

Alarms sound over attacks via Microsoft NTLM vulnerability – Go Health Pro

A vulnerability previously thought to be a low-priority was cast into the spotlight thanks to a newly revealed exploit in the wild.Administrators were advised to test and install Microsoft’s March security fixes to prevent exploitation of the flaw.Researchers with security vendor CheckPoint report finding active exploits in the wild targeting the Microsoft flaw designated as … Read more

Black Basta-like Microsoft Teams phishing leads to novel backdoor – Go Health Pro

Black Basta-like Microsoft Teams phishing leads to novel backdoor – Go Health Pro

A Microsoft Teams phishing campaign, leveraging techniques commonly used in Black Basta ransomware attacks, was found to spread a unique PowerShell backdoor in recent attacks, ReliaQuest reported Friday.The March 2025 malware campaign also leveraged a persistence tactic never before seen in the wild, according to ReliaQuest, in which the Windows Type Library (TypeLib) is hijacked … Read more

Microsoft is putting privacy-endangering Recall back into Windows 11 – Go Health Pro

Microsoft is putting privacy-endangering Recall back into Windows 11 – Go Health Pro

Security and privacy advocates are girding themselves for another uphill battle against Recall, the AI tool rolling out in Windows 11 that will screenshot, index, and store everything a user does every three seconds. When Recall was first introduced in May of last year, security practitioners roundly castigated it for creating a gold mine for … Read more