Cyber Bites

New Attack Vectors opened to Windows Hello

Researchers exploring Windows Hello for Business found an Active Directory backdoor and other attack vectors that could lead to privilege escalation. Researchers investigating Microsoft's Windows Hello for Business have discovered new attack vectors, including a persistent Active Directory backdoor that they say current security tools don't detect. Source: Dark Reading

Read more
Magecart Data Breach Steals Macy’s Customer Payment Info

Macy's has announced that they have suffered a data breach due to their web site being hacked with malicious scripts that steal customer's payment information. This type of compromise is called MageCart attack and consists of hackers compromising a web site so that they can inject malicious JavaScript scripts into various sections of the web site. These scripts then steal payment information that is submitted by a customer. Source: Bleeping Computer

Read more
Ransomware Attack on Louisiana Government Suffers Outage

The state government of Louisiana was hit by a ransomware attack today that impacted numerous state services including the Office of Motor Vehicles, the Department of Health, and the Department of Transportion and Development. The attack was first reported at 11am, after there was a forced shutdown of numerous web sites operated by the state as well as email and Internet services. Source: Bleeping Computer

Read more
Google Chrome Fixed Puzzle

Google has rolled back an experimental WebContent Occlusion feature that caused major disruption for enterprise users using Chrome in a multi-user terminal server environment. While the issue is now fixed, enterprise admins are furious that this feature was enabled in the first place without their knowledge or permission. For approximately 5 months, Google has been experimenting with a feature called WebContent Occlusion that hides the content of not-visible tabs so that they use less resources and cause...

Read more
Microsoft Office 365

A new phishing campaign is actively targeting Microsoft Office 365 administrators with the end goal of compromising their entire domain and using newly created accounts on the domain to deliver future phishing emails. The attackers use phishing emails designed to look like they are coming from Microsoft, with the Office 365 logo shown at the top, and delivered using "validated domains" "from a legitimate organization’s Office 365 infrastructure" as PhishLabs found. They also use "Services admin center" as the sender...

Read more
Cortana Windows 10

Microsoft has announced that they will no longer support the Cortana digital personal assistant app on Android and iOS devices starting in 2020. In support articles for the UK, Australian, and Canadian markets, Microsoft has stated that they will no longer support the Cortana digital assistant apps on iOS and Android stating on January 31st, 2020. Instead, Microsoft will be integrating Cortana into the Microsoft 365 productivity apps. At that time, any Cortana content that was created,...

Read more
Page 75 of 151 1 74 75 76 151