Microsoft - Tagged - Security Boulevard
OMIGOD security analysts

Oh, my God, Please Patch OMIGOD!

Last week I was talking with a friend. “Azure has a fun new vulnerability.” “Oh yeah? What is it?” “They silently install this OMI thing on all their Linux VMs. It’s a ...
Security Boulevard
phishing MFA Microsoft Again Most Spoofed as Office 365 Phishing Evolves

Microsoft Finds Phishing Op Behind Enterprise Campaigns

A phishing-as-a-service (PhaaS) operation, dubbed BulletProofLink and discovered by Microsoft, has been behind a number of phishing campaigns against the private sector. Researchers at the tech giant uncovered the operation after finding ...
Security Boulevard
OMI security vulnerability data breach

OMIGOD! Azure Vulnerabilities Are Being Exploited

No sooner had the Open Management Infrastructure (OMI) software agent silently installed by Microsoft on more than half of all Azure instances been revealed then threat actors were already on the case, ...
Security Boulevard
passwordless Future Without Passwords

Microsoft Ditches Passwords. Will the World Follow?

To password or not to password? The debate has raged for years now with no clear winner. But there may be a little more ‘oomph’ behind the passwordless side this week after ...
Security Boulevard
Azurescape Vulnerability: More Evidence that  Microsoft Should Leave Security to the Experts

Azurescape Vulnerability: More Evidence that  Microsoft Should Leave Security to the Experts

It’s been a busy couple weeks for Microsoft—and not in a good way. Following the news that a configuration error left Azure cloud customer data exposed to potential compromise, and a security ...
Microsoft Zero-Day-of-the-Month Club

Microsoft Zero-Day-of-the-Month Club

When it comes to zero day attacks against Microsoft products, I often feel like Bill Murray’s character in the movie Groundhog Day. It seems like I keep waking up to the same ...
THREAT ALERT: Microsoft MSHTML Remote Code Execution Vulnerability

THREAT ALERT: Microsoft MSHTML Remote Code Execution Vulnerability

The Cybereason Global Security Operations Center (SOC) issues Cybereason Threat Alerts to inform customers of emerging impacting threats. The Alerts summarize these threats and provide practical recommendations for protecting against them ...

Microsoft warns of a Windows zero-day security hole that is being actively exploited

In a security advisory, Microsoft has warned that malicious hackers are exploiting an unpatched vulnerability in Windows to launch targeted attacks against organisations. The security hole, dubbed CVE-2021-40444, is a previously unknown ...