Tag: Microsoft

Phishers use encrypted file attachments to steal Microsoft 365 account credentials

May 26, 2023

Help net security* reports phishers are using encrypted restricted-permission messages (.rpmsg) attached in phishing emails to steal Microsoft 365 account credentials. The phishing emails are sent from a compromised Microsoft 365 account to individuals working in the billing department of the recipient company. The emails contain a .rpmsg (restricted permission message) attachment and a “Read … More Phishers use encrypted file attachments to steal Microsoft 365 account credentials

Microsoft is scanning the inside of password-protected zip files for malware

May 16, 2023

According to Ars Technica*, Microsoft cloud services are scanning for malware by peeking inside users’ zip files, even when they’re protected by a password, several users reported on Mastodon on Monday. Compressing file contents into archived zip files has long been a tactic threat actors use to conceal malware spreading through email or downloads. Eventually, … More Microsoft is scanning the inside of password-protected zip files for malware

Microsoft enforces number matching to fight MFA fatigue attacks

May 9, 2023

Bleeping computer reports* Microsoft has started enforcing number matching in Microsoft Authenticator push notifications to fend off multi-factor authentication (MFA) fatigue attacks. In such attacks (also known as push bombing or MFA push spam), cybercriminals flood the targets with mobile push notifications asking them to approve attempts to log into their corporate accounts using stolen … More Microsoft enforces number matching to fight MFA fatigue attacks

Microsoft Tightens OneNote Security by Auto-Blocking 120 Risky File Extensions

April 4, 2023

The hacker news reports* that Microsoft has announced plans to automatically block embedded files with “dangerous extensions” in OneNote following reports that the note-taking service is being increasingly abused for malware delivery. Up until now, users were shown a dialog warning them that opening such attachments could harm their computer and data, but it was … More Microsoft Tightens OneNote Security by Auto-Blocking 120 Risky File Extensions

Windows 7 and Windows 8 will stop getting critical security updates in one week

January 10, 2023

As reported by The Verge, Microsoft’s cutting off Windows 7 and Windows 8.1 from security updates and technical support on January 10th 2023. But Edge isn’t the only major browser ditching Windows 7 and 8.1. In October, Google announced that Chrome will end support for Windows 7 and 8.1 on February 7th. Although both browsers … More Windows 7 and Windows 8 will stop getting critical security updates in one week