New Phishing toolkit lets anyone create fake Chrome browser windows
A phishing kit has been released that allows red teamers and wannabe cybercriminals to create effective single sign-on phishing login forms using fake Chrome browser windows. [...]
Microsoft software and cloud platforms underpin enterprise systems, so vulnerabilities and security advisories can affect identity, data, and operations.
Search across headline titles and summaries.
Background for this topic.
Microsoft is a technology company whose Windows, Microsoft 365, Azure, identity services, and developer tools form a widely deployed enterprise computing ecosystem. Its security relevance spans endpoint and server software, cloud control planes, authentication, collaboration data, and the update mechanisms used to maintain them.
Security news under this tag commonly concerns vulnerabilities requiring patching, exploits against exposed services, identity or token compromise, and misconfiguration of cloud permissions or authentication policies. Practitioners should verify affected versions and exposure, apply updates or mitigations, enforce multifactor authentication and least privilege, and monitor relevant audit logs. Incidents involving Microsoft-hosted identities or data may require rapid session and credential containment, investigation across cloud and on-premises systems, and assessment of privacy or regulatory obligations.
A phishing kit has been released that allows red teamers and wannabe cybercriminals to create effective single sign-on phishing login forms using fake Chrome browser windows. [...]
Microsoft has released a new Windows 11 build with a long list of changes, improvements, fixes for known issues, available for all Windows Insiders that will install the Windows 11 Insider Preview Build 22579 pushed to the Dev Channel. [...]
Microsoft has reminded Windows customers today that they'll finally retire the Internet Explorer 11 web browser from some Windows 10 versions in June and replace it with the new Chromium-based Microsoft Edge. [...]
The TrickBot trojan has just added one more trick up its sleeve, now using vulnerable IoT (internet of things) devices like modem routers as proxies for its C2 (command and control) server communication. [...]
Hackers target poorly secured Microsoft SQL and MySQL database servers to deploy the Gh0stCringe remote access trojans on vulnerable devices. [...]
Windows admins were hit today by a wave of Microsoft Defender for Endpoint false positives where Office updates were tagged as malicious in alerts pointing to ransomware behavior detected on their systems. [...]
Ukraine's Computer Emergency Response Team is warning that threat actors are distributing fake Windows antivirus updates that install Cobalt Strike and other malware. [...]
Microsoft has begun testing promotions for some of its other products in the File Explorer app on devices running its latest Windows 11 Insider build. [...]
Microsoft has removed the last Windows 11 safeguard hold after Oracle addressed a known VirtualBox issue causing errors and virtual machine start failures when Hyper-V or the Windows Hypervisor were installed. [...]