Microsoft SmartScreen proved to be an effective way of approving the legitimacy of the application – by checking one’s certificate. With time, Microsoft did a lot of work making it more efficient and sustainable to hacking – but that never made even a single mechanism secure from zero-day breaches. A new vulnerability that allows bypassing… Continue reading New Microsoft SmartScreen Bypass Technique Causes Concerns
Tag: Microsoft
North Korean Hackers Attack Cybersecurity Specialists by Offering Them Jobs via LinkedIn
Mandiant experts noticed that North Korean hackers have focused their attention and attacks on information security specialists. Attackers try to infect researchers with malware in the hope of infiltrating the networks of companies that the targets work for. Let me remind you that we also wrote that Nearly 50% of Cybersecurity Leaders Will Change Jobs… Continue reading North Korean Hackers Attack Cybersecurity Specialists by Offering Them Jobs via LinkedIn
Researcher Publishes RCE Exploit for Critical Vulnerability in Microsoft Word
A proof-of-concept exploit for the CVE-2023-21716 vulnerability in a Microsoft Office product, namely Microsoft Word, has emerged online. This issue has been rated 9.8 out of 10 on the CVSS Vulnerability Scoring Scale and can be used for remote code execution attacks via a malicious RTF file. Let me remind you that we also wrote… Continue reading Researcher Publishes RCE Exploit for Critical Vulnerability in Microsoft Word
Bing Chatbot Could Be a Convincing Scammer, Researchers Say
Security researchers have noticed that by using text prompts embedded in web pages, hackers can force Bing’s AI chatbot to ask for personal information from users, turning the bot into a convincing scammer. Let me remind you that we also recently wrote that Bing’s Built-In AI Chatbot Misinforms Users and Sometimes Goes Crazy, and also… Continue reading Bing Chatbot Could Be a Convincing Scammer, Researchers Say
Bing’s Built-In AI Chatbot Misinforms Users and Sometimes Goes Crazy
More recently, Microsoft, together with OpenAI (the one behind the creation of ChatGPT), introduced the integration of an AI-powered chatbot directly into the Edge browser and Bing search engine. As users who already have access to this novelty now note, a chatbot can spread misinformation, and can also become depressed, question its existence and refuse… Continue reading Bing’s Built-In AI Chatbot Misinforms Users and Sometimes Goes Crazy
Change in the IP Address of the Router Caused a Massive Outage of Microsoft Services
Last week, Microsoft 365 services around the world suffered a major outage that lasted about five hours. As the company said now, the problem was caused by a mistake when changing the IP address of the router, which led to problems with forwarding packets between other WAN routers and cascading. Let me remind you that… Continue reading Change in the IP Address of the Router Caused a Massive Outage of Microsoft Services
Microsoft Will Block Excel XLL Files Downloaded from the Internet
Microsoft developers are going to block some Excel add-in (.XLL) files for Microsoft 365. The new measures will include automatic blocking of such files downloaded from the Internet. Let me remind you that we also wrote that Hackers use the .NET library for creating malicious Excel files. Moreover, the media noted that For security reasons,… Continue reading Microsoft Will Block Excel XLL Files Downloaded from the Internet
Microsoft’s VALL-E AI Is Able to Imitate a Human Voice in a Three-Second Pattern
Microsoft engineers have introduced an AI (artificial intelligence) model for text-to-speech called VALL-E. It is able to imitate a human voice, relying only on a three-second sound sample. The developers claim that VALL-E can synthesize audio, where the “learned” voice says something, while retaining even the emotional coloring. You might also be interested in our… Continue reading Microsoft’s VALL-E AI Is Able to Imitate a Human Voice in a Three-Second Pattern
Windows 7 Extended Security Update Program cancelled
On January 8, 2023, Microsoft announced the cancellation of the ESU program for Windows 7. The OS version released back in 2009 now lost all the support from its developer. In January 2020, Microsoft canceled all updates for Windows 7, and the only Service Pack for this version was released in 2013. Let’s see what… Continue reading Windows 7 Extended Security Update Program cancelled
Hackers Use Excel Add-Ins as Initial Penetration Vector
Cisco Talos analysts say that hackers are now using Excel add-ins to infiltrate victims’ systems and networks. After Microsoft began blocking VBA macros in Office documents downloaded from the Internet (marked as Mark Of The Web), attackers had to rethink their attack chains: for example, now hackers are increasingly using Excel add-in files (.XLL) as… Continue reading Hackers Use Excel Add-Ins as Initial Penetration Vector