Microsoft Wraps Up a Lighter Patch Tuesday for the Holidays
Nine critical bugs and 58 overall fixes mark the last scheduled security advisory of 2020.
Read More
Microsoft
Spearphishing Attack Spoofs Microsoft.com to Target 200M Office 365 Users
It remains unknown as to why Microsoft is allowing a spoof of their very own domain against their own email infrastructure.
Read MoreTrickBot Returns with a Vengeance, Sporting Rare Bootkit Functions
A new “TrickBoot” module scans for vulnerable firmware and has the ability to read, write and erase it on devices.
Read MoreMicrosoft Revamps ‘Invasive’ M365 Feature After Privacy Backlash
The Microsoft 365 tool that tracked employee usage of applications like Outlook, Skype and Teams was widely condemned by privacy experts.
Read MoreAPT Exploits Microsoft Zerologon Bug: Targets Japanese Companies
Threat actors mount year-long campaign of espionage, exfiltrating data, stealing credentials and installing backdoors on victims’ networks.
Read MoreNation-State Attackers Actively Target COVID-19 Vaccine-Makers
Three major APTs are involved in ongoing compromises at pharma and clinical organizations involved in COVID-19 research, Microsoft says.
Read MoreMicrosoft Exchange Attack Exposes New xHunt Backdoors
An attack on the Microsoft Exchange server of an organization in Kuwait revealed two never-before-seen Powershell backdoors.
Read MoreGoogle Forms Abused to Phish AT&T Credentials
More than 200 Google Forms impersonate top brands – including Microsoft OneDrive, Office 365, and Wells Fargo – to steal victims’ credentials.
Read MoreHalloween News Wrap: The Election, Hospital Deaths and Other Scary Cyberattack Stories
Threatpost breaks down the scariest stories of the week ended Oct. 30 haunting the security industry — including bugs that just won’t die.
Read MoreMicrosoft Warns Threat Actors Continue to Exploit Zerologon Bug
Tech giant and feds this week renewed their urge to organizations to update Active Directory domain controllers.
Read More