Tag: Microsoft

Microsoft SharePoint Vulnerability Exploited, Update Now

A critical vulnerability in Microsoft SharePoint is now under active exploitation

In late March 2024, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued the alert regarding the exploitation of a flaw in Microsoft SharePoint. It was detected back in September 2023, but the facts of active exploitation surfaced only recently. Fortunately, Microsoft offers updates that fix the flaw. Remote code execution vulnerability A vulnerability designated… Continue reading Microsoft SharePoint Vulnerability Exploited, Update Now

Usermode Font Driver Host (fontdrvhost.exe)

Usermode Font Driver Host is a crucial system element, that is sometimes prone to cause problems

The Usermode Font Driver Host process is an important part of the Windows operating system. It may raise questions among users due to its high consumption of resources such as CPU and memory. Let’s find out what this process is and whether you can do without it. What is Usermode Font Driver Host? The Usermode… Continue reading Usermode Font Driver Host (fontdrvhost.exe)

Trojan:Win32/Vigorf.A

Trojan:Win32/Vigorf.A is able to infiltrate the computer system, install additional malware and remain undetected by antivirus programs.

Trojan:Win32/Vigorf.A is a generic detection of Microsoft Defender. This detection commonly identifies a running loader malware that may deal significant harm to the system. In this article, let’s find out how dangerous Vigorf.A is and how to get rid of it. What is Trojan:Win32/Vigorf.A? Trojan:Win32/Vigorf.A is the detection name that Microsoft Defender attributes to dropper/loader… Continue reading Trojan:Win32/Vigorf.A

Microsoft is Hacked, Again by Midnight Blizzard

The company claims being repeatedly hacked with the use of leaked auth secrets

Microsoft acknowledges being hacked for the second time this year, by the same Russia state-sponsored group Midnight Blizzard. The company confirms that this new breach is the outcome of the previous one, as hackers were able to get their hands on access secrets. Microsoft Hacked, Source Code Leaked In its K-8 filing to SEC, Microsoft… Continue reading Microsoft is Hacked, Again by Midnight Blizzard

Windows SmartScreen Vulnerability Exploited to Spread Phemedrone Stealer

A once-patched vulnerability in Microsoft Windows Defender SmartScreen has resurfaced again

The malicious campaign exploits the CVE-2023-36025 vulnerability in Microsoft Windows Defender SmartScreen to spread Phemedrone Stealer. It utilizes intricate evasion techniques to bypass traditional security measures and target sensitive user information. Phemedrone Stealer Campaign Exploits CVE-2023-36025 Trend Micro researchers uncovered a malware campaign exploiting the CVE-2023-36025 vulnerability in Microsoft Windows Defender SmartScreen. This campaign involves… Continue reading Windows SmartScreen Vulnerability Exploited to Spread Phemedrone Stealer

Microsoft Disables MSIX App Installer Protocol

Attackers have found a way to exploit a previously patched vulnerability.

Microsoft reportedly disabled MSIX installer protocol in Windows, due to its exploitation in real-world cyberattacks. Hackers found a way to misuse the protocol to install malicious software, bypassing anti-malware software detection. MSIX Installer Protocol Exploited The emergence of a malware kit market, exploiting the MSIX file format and ms-app installer protocol is nothing new. However,… Continue reading Microsoft Disables MSIX App Installer Protocol

Cactus Ransomware Attacks – Microsoft Alerts

Hear this out loud Microsoft warns of Cactus ransomware actors using malvertising to infect victims

Microsoft has raised the alarm about a growing wave of ransomware attacks utilizing malvertising tactics to spread Cactus ransomware. The sophisticated malware campaign hinges on deploying DanaBot as an initial access vector, orchestrated by the ransomware operator Storm-0216, also known as Twisted Spider or UNC2198. Cactus Ransomware Deployed by DanaBot Microsoft’s Threat Intelligence team has… Continue reading Cactus Ransomware Attacks – Microsoft Alerts

What is Microsoft Security Warning Scam?

Fake Microsoft tech support pages and phishing landings are hosted on Microsoft services

Fraudsteds massively employ Microsoft Azure hosting to start Microsoft Security scam pages. They range from a scary warning that blocks your browser window to a phishing pages, indistinguishable from real. Let’s see the most typical types of these scams and their features. What is Windows Defender Security Warning? Fake Windows Defender Security Warning (Microsoft Security… Continue reading What is Microsoft Security Warning Scam?

Octo Tempest Threat Actor – The Most Dangerous Cybercrime Gang?

Octo Tempest stands as one of the most perilous financial hacking groups in the cybersecurity landscape, posing significant threats to organizations worldwide.

Octo Tempest, a financially-motivated hacking group, has been labeled “one of the most dangerous financial criminal groups” by Microsoft. Known as UNC3944 and 0ktapus, the group has gained attention for bold cyber attacks. What is Octo Tempest Cybercrime Gang? Octo Tempest’s journey into the world of cybercrime is an intriguing one. Only a few months… Continue reading Octo Tempest Threat Actor – The Most Dangerous Cybercrime Gang?

Fake Amazon and Microsoft Tech Support call centers busted

India has declared war on fake tech support services, extorting money from users worldwide.

Amazon and Microsoft are partnering with CBI to crack down on multiple tech support call centers scams across India. These call centers target customers of Amazon and Microsoft, two of the largest companies in the tech industry, and have defrauded more than 2,000 Amazon and Microsoft customers, mainly in the US. Fake Amazon and Microsoft… Continue reading Fake Amazon and Microsoft Tech Support call centers busted