Fortra Joins With Microsoft, Health-ISAC to Combat Cobalt Blue Fraud
In this Dark Reading News Desk segment, Frotra's Bob Erdman discusses Fortra's recent collaboration with Microsoft and Health-ISAC.
Microsoft software and cloud platforms underpin enterprise systems, so vulnerabilities and security advisories can affect identity, data, and operations.
Search across headline titles and summaries.
Background for this topic.
Microsoft is a technology company whose Windows, Microsoft 365, Azure, identity services, and developer tools form a widely deployed enterprise computing ecosystem. Its security relevance spans endpoint and server software, cloud control planes, authentication, collaboration data, and the update mechanisms used to maintain them.
Security news under this tag commonly concerns vulnerabilities requiring patching, exploits against exposed services, identity or token compromise, and misconfiguration of cloud permissions or authentication policies. Practitioners should verify affected versions and exposure, apply updates or mitigations, enforce multifactor authentication and least privilege, and monitor relevant audit logs. Incidents involving Microsoft-hosted identities or data may require rapid session and credential containment, investigation across cloud and on-premises systems, and assessment of privacy or regulatory obligations.
In this Dark Reading News Desk segment, Frotra's Bob Erdman discusses Fortra's recent collaboration with Microsoft and Health-ISAC.
A high-severity vulnerability has been fixed in WinRAR, the popular file archiver utility for Windows used by millions, that can execute commands on a computer simply by opening an archive. [...]
Hotmail users worldwide have problems sending emails, with messages flagged as spam or not delivered after Microsoft misconfigured the domain's DNS SPF record. [...]
Microsoft on Thursday disclosed that it found a new version of the BlackCat ransomware (aka ALPHV and Noberus) that embeds tools like Impacket and RemCom to facilitate lateral movement and remote code execution
Microsoft has discovered a new version of the BlackCat ransomware that embeds the Impacket networking framework and the Remcom hacking tool, both enabling spreading laterally across a breached network. [...]
Lax policies for package naming on Microsoft's PowerShell Gallery code repository allow threat actors to perform typosquatting attacks, spoof popular packages and potentially lay the ground for massive supply chain attacks. [...]
A very useful and previously unknown Windows tip was revealed this week, where you can halt process jumping in Task Manager by holding down the Ctrl key on your keyboard, allowing easier access to a listed process. [...]
A previously undetected attack method called NoFilter has been found to abuse the Windows Filtering Platform (WFP) to achieve privilege escalation in the Windows operating system
Microsoft is aware of the issue, but so far its attempts to address it don't appear to have worked, the vendor says.
A new campaign involving the delivery of proxy server apps to Windows systems has been uncovered, where users are reportedly involuntarily acting as residential exit nodes controlled by a private company. [...]
Attackers sent more than 1,000 emails with 2FA, MFA, and other security-related lures aimed at stealing Microsoft credentials.
Threat actors' use of Cloudflare R2 to host phishing pages has witnessed a 61-fold increase over the past six months
Can the government help fix what's wrong in cloud security? An upcoming investigation is going to try.
Microsoft has enabled a fix for a Kernel information disclosure vulnerability by default for everyone after previously disabling it out of concerns it could introduce breaking changes to Windows. [...]
A new remote access trojan (RAT) called QwixxRAT is being advertised for sale by its threat actor through Telegram and Discord platforms
Users in Latin America (LATAM) are the target of a financial malware called JanelaRAT that's capable of capturing sensitive information from compromised Microsoft Windows systems
The vulnerabilities put critical infrastructure organizations at risk of attacks such as remote code execution (RCE) and denial of service (DoS)
PLUS: Phishing campaign targets the C-suite; Cybercrime arrests in EU and Africa; and more Infosec in brief The July breach of Microsoft Exchange Online by suspected Chinese hackers is the next topic up for review by the Department of Homeland Security's Cyber Safety Review Board (CSRB). …