The National Security Agency (NSA) is warning of a known vulnerability in the Microsoft Windows secure startup process that malicious actors could use to bypass Secure Boot protection and execute BlackLotus malware.
Microsoft has warned that Nobelium is currently conducting a phishing campaign after the Russian-backed group managed to take control of the account used by USAID on the email marketing platform Constant Contact. The phishing campaign has targeted around 3,000 accounts linked to government agencies, think tanks, consultants, and non-governmental organizations.
Microsoft has addressed companies who have not yet updated their systems to address the critical Zerologon flaw, a vulnerability in the cryptography of Microsoft's Netlogon process that allows an attack against Microsoft Active Directory domain controllers, making it possible for a hacker to impersonate any computer, including the root domain controller.
Microsoft has taken action to disrupt a botnet called Trickbot, one of the world’s most infamous botnets and prolific distributors of ransomware. Trickbot has infected over a million computing devices around the world since late 2016.
The question is this. Is this skepticism based on fact or as a result of that well-established human trait – resistance to change? In other words, does the convenience offered by a cloud app outweigh potential security threats such as hacking, and how susceptible are SaaS (Software as a Service) cloud apps to attack in the first place? To answer this question, let’s consider Microsoft Office 365, which is one of the most widely used software packages on the planet with more than 27 million consumer users and over 100 million enterprise users.
Throughout his career, Brian Tuskan has been driven by a love of technology, a hardworking reputation and a desire to help others. However, his eye has always been on the Microsoft CSO role. Now, he’s taking his place at the head of the pioneering global security organization.
Microsoft has expanded its $100,000 bounty program Monday, and will accept reports of in-the-wild attacks that demonstrate new techniques of bypassing Windows’ anti-exploit technologies, Computerworld reports.