Android apps with millions of downloads exposed to high-severity vulnerabilities

Credit to Author: Katie McCafferty| Date: Fri, 27 May 2022 16:00:00 +0000

Microsoft uncovered high-severity vulnerabilities in a mobile framework used by multiple large mobile service providers in pre-installed Android System apps that potentially exposed users to remote or local attacks.

The post Android apps with millions of downloads exposed to high-severity vulnerabilities appeared first on Microsoft Security Blog.

Read more

Detecting and preventing privilege escalation attacks leveraging Kerberos relaying (KrbRelayUp)

Credit to Author: Microsoft 365 Defender Threat Intelligence Team| Date: Wed, 25 May 2022 21:00:00 +0000

The privilege escalation hacking tool KrbRelayUp is a wrapper that can streamline the use of some features in Rubeus, KrbRelay, SCMUACBypass, PowerMad/ SharpMad, Whisker, and ADCSPwn tools in attacks. Although this attack won’t function for Azure Active Directory (Azure AD) joined devices, hybrid joined devices with on-premises domain controllers remain vulnerable.

The post Detecting and preventing privilege escalation attacks leveraging Kerberos relaying (KrbRelayUp) appeared first on Microsoft Security Blog.

Read more

Anatomy of a DDoS amplification attack

Credit to Author: Microsoft 365 Defender Threat Intelligence Team| Date: Mon, 23 May 2022 18:00:00 +0000

Amplification attacks are one of the most common distributed denial of service (DDoS) attack vectors. These attacks are typically categorized as flooding or volumetric attacks, where the attacker succeeds in generating more traffic than the target can process, resulting in exhausting its resources due to the amount of traffic it receives.

The post Anatomy of a DDoS amplification attack appeared first on Microsoft Security Blog.

Read more

How to improve risk management using Zero Trust architecture

Credit to Author: Christine Barrett| Date: Mon, 23 May 2022 17:00:00 +0000

Risk management plays a critical role in helping organizations with their security posture enhancement. Taking insider incidents as an example, they are not only costly to organizations but also time-consuming to be contained. As such, the ROI is maximized in effectively protecting the organizations’ assets as well as ensuring their business operations. Risk management is an ongoing activity. Are the long-established risk management programs in the enterprises staying on top of the evolving digital and threat landscapes?

The post How to improve risk management using Zero Trust architecture appeared first on Microsoft Security Blog.

Read more

Beneath the surface: Uncovering the shift in web skimming

Credit to Author: Paul Oliveria| Date: Mon, 23 May 2022 16:00:00 +0000

Web skimming campaigns now employ various obfuscation techniques to deliver and hide the skimming scripts. It’s a shift from earlier tactics where attackers conspicuously injected the malicious scripts into e-commerce platforms and content management systems (CMSs) via vulnerability exploitation, making this threat highly evasive to traditional security solutions.

The post Beneath the surface: Uncovering the shift in web skimming appeared first on Microsoft Security Blog.

Read more