Microsoft

Got a Microsoft Teams invite? Storm-2372 Gang Exploit Device Codes in Global Phishing Attacks – Go Health Pro

by
Got a Microsoft Teams invite? Storm-2372 Gang Exploit Device Codes in Global Phishing Attacks – Go Health Pro

Security experts have warned that a cybercriminal group has been running a malicious and inventive phishing campaign since August 2024 to break into organizations across Europe, North America, Africa, and the Middle East. The Russian group, known as Storm-2372, has targeted government and non-governmental organisations (NGOs), as well as firms working in IT, defence, telecoms, … Read more

Microsoft 365 accounts targeted in device code spear-phishing scheme – Go Health Pro

by
Microsoft 365 accounts targeted in device code spear-phishing scheme – Go Health Pro

Microsoft revealed an ongoing spear-phishing campaign that abuses the legitimate device code authentication flow to gain access to Microsoft 365 accounts.Device code authentication is used to access Microsoft 365 services from “input-constrained devices” such as printers, smart TVs, game consoles and other internet-of-things (IoT) devices that do not have a web browser.Microsoft said in a … Read more

FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux – Go Health Pro

by
FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux – Go Health Pro

Feb 13, 2025Ravie LakshmananMalware / Cyber Espionage Threat hunters have shed light on a new campaign targeting the foreign ministry of an unnamed South American nation with bespoke malware capable of granting remote access to infected hosts. The activity, detected in November 2024, has been attributed by Elastic Security Labs to a threat cluster it … Read more

Microsoft Patch Tuesday, February 2025 Edition – Krebs on Security – Go Health Pro

by
Microsoft Patch Tuesday, February 2025 Edition – Krebs on Security – Go Health Pro

Microsoft today issued security updates to fix at least 56 vulnerabilities in its Windows operating systems and supported software, including two zero-day flaws that are being actively exploited. All supported Windows operating systems will receive an update this month for a buffer overflow vulnerability that carries the catchy name CVE-2025-21418. This patch should be a … Read more

Microsoft fixes CVSS 9.9 vulnerability in Azure AI Face service – Go Health Pro

by
Microsoft fixes CVSS 9.9 vulnerability in Azure AI Face service – Go Health Pro

Microsoft has fixed a critical vulnerability in its Azure AI Face service deemed worthy of a CVSS score of 9.9 potentially leading to elevation of privileges over a network. Azure AI Face is a cloud-based facial recognition service that is capable of detecting, analyzing and recognizing human faces. The service can be used by developers … Read more

x