Fraudsters massively employ Microsoft Azure hosting to start Microsoft Security scam pages. They range from a scary warning that blocks your browser window to phishing pages, indistinguishable from real ones. Let’s see the most typical types of these scams and their features. What is Windows Defender Security Warning? Fake Windows Defender Security Warning (Microsoft Security… Continue reading What is Microsoft Security Warning Scam?
Tag: Microsoft
Octo Tempest Threat Actor – The Most Dangerous Cybercrime Gang?
Octo Tempest, a financially-motivated hacking group, has been labeled “one of the most dangerous financial criminal groups” by Microsoft. Known as UNC3944 and 0ktapus, the group has gained attention for bold cyber attacks. What is Octo Tempest Cybercrime Gang? Octo Tempest’s journey into the world of cybercrime is an intriguing one. Only a few months…
Fake Amazon and Microsoft Tech Support call centers busted
Amazon and Microsoft are partnering with CBI to crack down on multiple tech support call centers scams across India. These call centers target customers of Amazon and Microsoft, two of the largest companies in the tech industry, and have defrauded more than 2,000 Amazon and Microsoft customers, mainly in the US. Fake Amazon and Microsoft…
Luca Stealer Spreads Via a Phishing Microsoft Crypto Wallet Site
With the ever-increasing number of cyber threats, hackers and cybersecurity specialists are taking the initiative. This time, cybercriminals went ahead of the curve. They created a phishing website to coincide with the news that Microsoft was developing a crypto wallet exclusively for its Edge browser. Such a scheme is used to spread Luca Stealer. Microsoft…
Microsoft “nOAuth” is Vulnerable to Simple Email Spoofing
In June, researchers revealed a vulnerability in Azure Active Directory and third-party apps called “nOAuth,” that could result in a complete account takeover. This is just one of the many vulnerabilities in Microsoft software and systems like Active Directory that can be exploited, putting organizations at risk. Although Microsoft has responded to the vulnerability, developers…
Microsoft CVE-2023-36884 Vulnerability Exploited in the Wild
On July 11, 2023, Microsoft published an article about addressing the CVE-2023-36884 vulnerability. This breach allowed for remote code execution in Office and Windows HTML. Microsoft has acknowledged a targeted attack that exploits a vulnerability using specifically designed Microsoft Office documents. The attacker can gain control of a victim’s computer by creating a malicious Office…
Researchers Found BlackLotus UEFI Bootkit Sources on GitHub
The source code for the BlackLotus UEFI bootkit, which was previously sold on the dark web for $5,000, has been discovered by Binarly analysts on GitHub. The researchers say the leaked sources are not entirely complete and contain mostly a rootkit and a bootkit to bypass Secure Boot. What is BlackLotus bootkit? BlackLotus was first…
Microsoft Researchers Link Clop Gang to MOVEit Transfer Attack
Microsoft has linked the Clop ransomware gang to a recent attack that uses a zero-day vulnerability in the MOVEit Transfer platform to steal data from organizations. The company’s Threat Intel team names Lace Tempest cybercrime gang as a key suspect in these attacks. Who are Lace Tempest hackers? Microsoft is attributing attacks that exploit the…
FIN7 Hack Group Resumed Activity, Linked to Clop Ransomware
Microsoft analysts report that last month the notorious hacker group FIN7 (also known as Carbanak, Navigator and others) resumed its activity. The researchers were able to link FIN7 to attacks whose ultimate goal was to deploy the Clop ransomware on victims’ networks. FIN7 Cybercrime Group Goes On Let me remind you that we also wrote…
Visual Studio Code Malicious Plugins Steal Personal Data
Some plugins for Visual Studio Code, a popular code editing tool developed by Microsoft, appear to have malicious code. In particular, one with over 45,000 downloads is capable of stealing personal data. Community alarm forced the quick removal of these pests, but it can be the first sprout of something bigger. What is VS Code…