Microsoft, DOJ Dismantle Russian Hacker Group Star Blizzard
The successful disruption of notorious Russian hacker group Star Blizzard's operations arrives one month out from the US presidential election — one of the APT's prime targets.
Microsoft software and cloud platforms underpin enterprise systems, so vulnerabilities and security advisories can affect identity, data, and operations.
Search across headline titles and summaries.
Background for this topic.
Microsoft is a technology company whose Windows, Microsoft 365, Azure, identity services, and developer tools form a widely deployed enterprise computing ecosystem. Its security relevance spans endpoint and server software, cloud control planes, authentication, collaboration data, and the update mechanisms used to maintain them.
Security news under this tag commonly concerns vulnerabilities requiring patching, exploits against exposed services, identity or token compromise, and misconfiguration of cloud permissions or authentication policies. Practitioners should verify affected versions and exposure, apply updates or mitigations, enforce multifactor authentication and least privilege, and monitor relevant audit logs. Incidents involving Microsoft-hosted identities or data may require rapid session and credential containment, investigation across cloud and on-premises systems, and assessment of privacy or regulatory obligations.
The successful disruption of notorious Russian hacker group Star Blizzard's operations arrives one month out from the US presidential election — one of the APT's prime targets.
Microsoft and the U.S. Department of Justice (DoJ) on Thursday announced the seizure of 107 internet domains used by state-sponsored threat actors with ties to Russia to facilitate computer fraud and abuse in the country
It's North Korea versus Cambodia, with Windows default settings and sheer patience allowing the bad guys to avoid easy detection.
Also: Prison Sentences for BEC Scammers and a West African Cybercrime CrackdownThis week, AI nudify sites spread malware, BEC scammers head to prison, London man charged with hacking, and a Spanish insurance company with a breach. Also, a North Korean hacking group and a West African crackdown on online scammers. And, a Schrödinger Windows vulnerability: Is it real?
FSB Hackers Stripped of 107 Domains Used to Steal CredentialsThe U.S. Department of Justice and Microsoft seized more than 100 websites allegedly used by a Russian intelligence cyberespionage operation with a fondness for spear phishing. Targets include the national security apparatus and journalists, think tanks, and non-governmental organizations.
Microsoft and the Justice Department have seized over 100 domains used by the Russian ColdRiver hacking group to target United States government employees and nonprofit organizations from Russia and worldwide in spear-phishing attacks. [...]
Winter is coming The US Department of Justice and Microsoft have seized 107 websites used by Russian cyberspies in a phishing campaign to steal sensitive information from US government agencies, think tanks, and other victims.…
Microsoft and the US government have collectively seized over 100 websites used by Russian nation-state actor Star Blizzard
Utilizing a custom dictionaries helps strengthen your password policies. Learn more from Specops Software about how to build custom dictionaries in your Windows Active Directory password policy. [...]
Utilizing a custom dictionaries helps strengthen your password policies. Learn more from Specops Software about how to build custom dictionaries in your Windows Active Directory password policy. [...]
Crooks 'like a sysadmin, with a malicious slant' Exclusive An extortionist armed with a new variant of MedusaLocker ransomware has infected more than 100 organizations a month since at least 2022, according to Cisco Talos, which recently discovered a "substantial" Windows credential data dump that sheds light on the criminal and their victims.…
Thrive Capital, Microsoft, SoftBank, Nvidia Reportedly Lead OpenAI's Latest FundingOpenAI’s new $6.6 billion round of funding has nearly doubled its valuation to $157 billion. With investments from Thrive Capital, Microsoft, SoftBank and Nvidia, OpenAI plans to expand its AI research while facing pressures around executive turnover and its transition away from a nonprofit model.
Microsoft has released Office 2024 for small businesses and consumers who want a standalone version without a Microsoft 365 subscription. [...]
Microsoft is blocking Windows 24H2 upgrades on systems with incompatible Intel Smart Sound Technology (SST) audio drivers due to blue screen of death (BSOD) issues. [...]
Microsoft is working to fix several known issues behind Asphalt 8 game crashes and Easy Anti-Cheat blue screens on some Windows 24H2 systems. [...]
Microsoft has fixed a known issue affecting Outlook for Microsoft 365 users that caused problems sending emails for those with too many nested folders. [...]
Microsoft fixes a known issue in the Windows KB5043145 preview update that causes reboot loops, freezes systems, and breaks USB and Bluetooth devices. [...]
Today, Microsoft announced the release of Windows 11, version 24H2, the next feature update for its operating system (also known as the Windows 11 2024 Update). [...]
Microsoft has introduced an updated version of the "Publish API for Edge extension developers" that increases the security for developer accounts and the updating of browser extensions. [...]