New Attack Campaign Exploits Microsoft Signature Verification
The Malsmoke attack group is behind a campaign that has exploited the Microsoft e-signature verification tool to target 2,100 victims.
Author: Kelly Sheridan, Senior Editor
A Year in Microsoft Bugs: The Most Critical, Overlooked & Hard to Patch
Severe flaws in Microsoft Exchange and Windows Print Spooler stood out amid a wide range of vulnerabilities security teams were forced to prioritize in 2021.
Microsoft Customer Source Code Exposed via Azure App Service Bug
Researchers found an insecure default behavior in Azure App Service exposing source code of some customer applications deployed using "Local Git."
Meta Expands Bug-Bounty Program to Include Data Scraping
Scraping bugs and scraped databases are two new areas of research for the company's bug-bounty and data-bounty programs.
Microsoft Patches Zero-Day Spreading Emotet Malware
The December rollout includes 67 security patches and addresses one zero-day and five more publicly known vulnerabilities.
Researchers Explore Microsoft Outlook Phishing Techniques
Outlook features intended to improve collaboration and productivity may make social engineering attacks more effective, researchers find.
Russian Actors Behind SolarWinds Attack Hit Global Business & Government Targets
Clusters of activity associated with the attack group behind last year's supply chain breach reveal novel techniques, researchers say.
Military Vets Share Lessons That Helped Them Build Infosec Startups
Startup founders who previously served in the military share the lessons that have helped them build cybersecurity careers and companies.
APT Groups Adopt New Phishing Method. Will Cybercriminals Follow?
APT actors from Russia, China, and India have been observed using the RTF-template injection technique that researchers say is poised for wider adoption.
Apple Sues NSO Group for Spyware Use
The company seeks to hold Israeli firm NSO Group liable for the targeting of Apple users and requests a permanent injunction to ban its use of Apple products and services.