Microsoft’s guidance to help mitigate Kerberoasting  

Credit to Author: David Weston| Date: Fri, 11 Oct 2024 17:00:00 +0000

Kerberoasting, a well-known Active Directory (AD) attack vector, enables threat actors to steal credentials and navigate through devices and networks. Microsoft is sharing recommended actions administrators can take now to help prevent successful Kerberoasting cyberattacks.

The post Microsoft’s guidance to help mitigate Kerberoasting   appeared first on Microsoft Security Blog.

Read more

Chained for attack: OpenVPN vulnerabilities discovered leading to RCE and LPE

Credit to Author: Microsoft Threat Intelligence| Date: Thu, 08 Aug 2024 18:00:00 +0000

Microsoft researchers found multiple vulnerabilities in OpenVPN that could lead to an attack chain allowing remote code execution and local privilege escalation. This attack chain could enable attackers to gain full control over targeted endpoints, potentially resulting in data breaches, system compromise, and unauthorized access to sensitive information.

The post Chained for attack: OpenVPN vulnerabilities discovered leading to RCE and LPE appeared first on Microsoft Security Blog.

Read more

Patch Tuesday, June 2024 “Recall” Edition

Credit to Author: BrianKrebs| Date: Tue, 11 Jun 2024 22:57:35 +0000

Microsoft today released updates to fix more than 50 security vulnerabilities in Windows and related software, a relatively light Patch Tuesday this month for Windows administrators. The software giant also responded to a torrent of negative feedback on a new feature of Redmond’s flagship operating system that constantly takes screenshots of whatever users are doing on their computers, saying the feature would no longer be enabled by default.

Read more

New Windows 11 features strengthen security to address evolving cyberthreat landscape

Credit to Author: David Weston| Date: Mon, 20 May 2024 18:00:00 +0000

Today, ahead of the Microsoft Build 2024 conference, we announced a new class of Windows computers, Copilot+ PC. Alongside this exciting new class of computers, we are introducing important security features and updates that make Windows 11 more secure for users and organizations, and give developers the tools to prioritize security.

The post New Windows 11 features strengthen security to address evolving cyberthreat landscape appeared first on Microsoft Security Blog.

Read more

New Microsoft Incident Response guide helps simplify cyberthreat investigations

Credit to Author: Microsoft Incident Response| Date: Tue, 23 Apr 2024 16:00:00 +0000

Discover how to fortify your organization’s cybersecurity defense with this practical guide on digital forensics from Microsoft’s Incident Response team.

The post New Microsoft Incident Response guide helps simplify cyberthreat investigations appeared first on Microsoft Security Blog.

Read more

Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials

Credit to Author: Microsoft Threat Intelligence| Date: Mon, 22 Apr 2024 16:00:00 +0000

Since 2019, Forest Blizzard has used a custom post-compromise tool to exploit a vulnerability in the Windows Print Spooler service that allows elevated permissions. Microsoft has issued a security update addressing this vulnerability as CVE-2022-38028.

The post Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials appeared first on Microsoft Security Blog.

Read more