Blog - Page 382 of 938

Microsoft Exchange servers hacked via OAuth apps for phishing

Microsoft says a threat actor gained access to cloud tenants hosting Microsoft Exchange servers in credential stuffing attacks, with the end goal of deploying malicious OAuth applications and sending phishing emails. […]

21 Sep

Windows 11 gets better protection against SMB brute-force attacks

Microsoft announced that the Windows 11 SMB server is now better protected against brute-force attacks with the release of the Insider Preview Build 25206 to the Dev Channel. […]

21 Sep

Domain shadowing becoming more popular among cybercriminals

Threat analysts at Palo Alto Networks (Unit 42) discovered that the phenomenon of ‘domain shadowing’ might be more prevalent than previously thought, uncovering 12,197 cases while scanning the web between April and June 2022. […]

21 Sep

Twitter failed to log you out of all devices after password resets

Twitter logged out some users after addressing a bug where some Twitter accounts remained logged on some mobile devices after voluntary password resets. […]

21 Sep

FBI: Iranian hackers lurked in Albania’s govt network for 14 months

The Federal Bureau of Investigation (FBI) and CISA said that one of the Iranian threat groups behind the destructive attack on the Albanian government’s network in July lurked inside its systems for roughly 14 months. […]

21 Sep

LockBit ransomware builder leaked online by “angry developer”

The LockBit ransomware operation has suffered a breach, with an allegedly disgruntled developer leaking the builder for the gang’s newest encryptor. […]

20 Sep

Imperva mitigated long-lasting, 25.3 billion request DDoS attack

Internet security company Imperva has announced its DDoS (distributed denial of service) mitigation solution has broken a new record, defending against a single attack that sent over 25.3 billion requests to one of its customers. […]

20 Sep

2K Games says hacked help desk targeted players with malware

American video game publisher 2K has confirmed that its help desk platform was hacked and used to target customers with fake support tickets pushing malware via embedded links. […]

20 Sep

Windows 10 KB5017380 preview update released with new FIDO2 features

Microsoft has released the optional KB5017380 Preview cumulative update for Windows 10 20H2, Windows 10 21H1, and Windows 10 21H2 with new FIDO2 and Windows Hello features. […]

20 Sep

Windows 11 22H2 adds kernel exploit protection to security baseline

Microsoft has released the final version of security configuration baseline settings for Windows 11, version 22H2, downloadable today using the Microsoft Security Compliance Toolkit. […]