Tag Archives: Microsoft

Vulnerability in Microsoft Authorization System Allows Hacking Accounts

Security researchers from the Israeli company CyberArk discovered a vulnerability in the Microsoft authorization system that allows accounts to be hacked. The vulnerability is located in the Microsoft Azure cloud service. The problem affects certain applications that use the Microsoft OAuth 2.0 authorization protocol, and exploiting it allows creating tokens for logging in to the system. In this way, attackers can take control of …

Microsoft experts talked about Dexphot malware, which infected more than 80,000 machines

Microsoft experts talked about the Dexphot malware, which has been attacking Windows machines since the fall of 2018. In June 2019, the activity of the malware reached its peak, when more than 80,000 systems became victims of the botnet. Now experts say that Dexphot’s activity is declining, in part because of the countermeasures they are taking. The main goal of Dexphot …

Scripts for clickjacking detected on sites with a total audience of 43 million users per day

Clickjacking first attracted the attention of information security experts more than ten years ago, and it has remained very popular with cybercriminals ever since. Clickjacking scripts have now been detected on many sites. Although browser developers constantly improve protection mechanisms against this threat, it has not been possible to eliminate it. A team of …

Detailed analysis of BlueKeep vulnerability published on GitHub simplifies creation of exploits

As part of the May “Tuesday updates”, Microsoft fixed the critical vulnerability CVE-2019-0708 (also known as BlueKeep) related to the operation of Remote Desktop Services (RDS) and RDP. Although the technical details of the problem were not disclosed due to its high level of threat, it is known that with the help of this bug attackers can execute arbitrary code …


Microsoft warns of Astaroth fileless Trojan attacks

Microsoft experts warned users about an active malicious campaign to infect computers with Astaroth malware, which is difficult to detect with conventional security solutions. The campaign was discovered by the development team of Windows Defender ATP, a commercial version of the Windows Defender antivirus product. “Our experts suspected something was wrong after the discovery of a sharp surge in the use of the …

Linux worm infects Azure installations through Exim vulnerability

Microsoft warned users about a new worm for Linux that spreads through Exim mail servers. According to experts, the malware has already compromised a number of Azure installations. As was discovered last week, cybercriminals are attacking millions of mail servers with Exim installed through the CVE-2019-10149 vulnerability. The problem affects Exim versions from 4.87 to 4.91 and allows an …

Metasploit project participant created a working module for exploiting the BlueKeep vulnerability

A security researcher under the nickname Zerosum0x0 created a module for the Metasploit framework that exploits the BlueKeep vulnerability on Windows XP, 7 and Server 2008. BlueKeep (CVE-2019-0708) is a “worm-like” vulnerability that could cause a wave of mass malware infections, similar to the WannaCry attacks in 2017. The problem affects Remote Desktop Services in Windows 7, Server 2008, Windows XP and …

Microsoft published list of dangerous legitimate applications

Microsoft compiled and published a list of legitimate applications that attackers can use to bypass Windows Defender security rules. The corporation warns that attackers can penetrate an organization’s network by using these legitimate programs. Microsoft refers to a particular method used by cybercriminals, called Living off. Living off involves exploiting OS functions or legitimate administration tools to compromise corporate …

Microsoft released new version of Attack Surface Analyzer utility

Version 1.0 was released seven years ago, and now the tech giant has announced Attack Surface Analyzer 2.0. This tool records changes made to a Windows system during the installation of third-party applications. Over the last seven years, many system administrators and researchers have routinely used Attack Surface Analyzer, which became a practically indispensable tool. The ability to trace changes in the configuration of …

Microsoft released updates for old Windows versions to protect against a WannaCry-like worm

Microsoft strongly recommends that users of old Windows versions (Windows XP, Windows 7, Windows Server 2003, Windows Server 2008 R2 and Windows Server 2008) update their systems using the update released yesterday. The corporation's fix addresses quickly spreading malware that resembles WannaCry. The exploit used by attackers involves a remote code execution (RCE) vulnerability in Remote Desktop Services. Seriousness of …

Microsoft acknowledged that policy of password aging is ineffective

Microsoft decided to step away from the password aging policy that forced users to change saved passwords from time to time. The tech giant presented a new draft of baseline configuration settings for Windows 10 v1903 (19H10) and Windows Server v1903 that would eliminate the need to change passwords every few weeks or months in accounts that are under group policy. Innovation …

Microsoft IE11 vulnerability is more dangerous than it seemed, as the Edge browser is also susceptible to it

Researchers noted strange behavior in Windows 10 that can allow intruders to remotely steal files stored on hard disks after a user opens a malicious file in Microsoft Edge. The problem was first reported when cybersecurity researcher John Page published information about a vulnerability in Microsoft Internet Explorer 11 that allows access to files on the Microsoft OS. Page also …

Hackers had access to correspondence of Microsoft mail service users for more than half a year

According to a Microsoft report, between January 1, 2019 and March 28, 2019, third parties had access to data connected with foreign email accounts. The company explains that unknown intruders compromised the account details of an unnamed technical service employee and gained access to folders, email subject lines, email accounts and other correspondence details. Although initially Microsoft denied that hackers had access to email messages and attachments, soon …

Microsoft report: hackers actively used WinRAR vulnerabilities in March

Microsoft published details of attacks on Windows computers in media companies that took place in March. In the attacks, criminals used the well-known WinRAR vulnerability that has gained popularity among criminal groups in recent months. Hackers armed themselves with it immediately after its publication by Check Point on February 20. At that time, researchers demonstrated how through this vulnerability code with the …

Microsoft corrected 74 bugs in new patch, including two 0-day vulnerabilities

Microsoft Corporation issued an update package that fixes 74 bugs, including two zero-day (0-day) vulnerabilities in different products. The two recently discovered issues, CVE-2019-0803 and CVE-2019-0859, are privilege escalation vulnerabilities that involve the Win32k component. According to Microsoft's description, the bug exists due to incorrect handling of objects in memory, and its exploitation allows running code in kernel mode. As a …