Microsoft Blocks Iran-linked Lebanese Hackers Targeting Israeli Companies

Microsoft on Thursday said it took steps to disable malicious activity stemming from abuse of OneDrive by a previously undocumented threat actor it tracks under the chemical element-themed moniker Polonium. In addition to removing the offending accounts created by the Lebanon-based activity group...

Exposing POLONIUM activity and infrastructure targeting Israeli organizations

Microsoft successfully detected and disabled attack activity abusing OneDrive by a previously undocumented Lebanon-based activity group Microsoft Threat Intelligence Center MSTIC tracks as POLONIUM. The associated indicators and tactics were used by the OneDrive team to improve detection of attac...

Exposing POLONIUM activity and infrastructure targeting Israeli organizations

Microsoft successfully detected and disabled attack activity abusing OneDrive by a previously undocumented Lebanon-based activity group Microsoft Threat Intelligence Center MSTIC tracks as POLONIUM. The associated indicators and tactics were used by the OneDrive team to improve detection of attac...

Description of the security update for SharePoint Enterprise Server 2016: May 10, 2022 (KB5002195)

Description of the security update for SharePoint Enterprise Server 2016: May 10, 2022 KB5002195 Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures...

Emotet is Back With New Tricks to Spread Malware

Emotet malware attacks are back after a 10-month “spring break” – with criminals behind the attack rested, tanned and ready to launch a new campaign strategy. That new approach includes more targeted phishing attacks, different from the previous spray-and-pray campaigns, according to new research...

March 28, 2022—KB5011563 (OS Build 22000.593) Preview

March 28, 2022—KB5011563 OS Build 22000.593 Preview For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 11 original release, see its update history page.Note Follow @WindowsUpdate to...

The vulnerability of the OneDrive for Android file storage service, related to incorrect authentication, allows a perpetrator to gain access to protected information.

The vulnerability of the OneDrive for Android file storage service is related to incorrect authentication. Exploiting this vulnerability can allow an attacker to gain access to protected information...

Looking Over the Nation-State Actors’ Shoulders

Looking over the nation-state actors’ shoulders: Even they have a difficult day sometimes By Trellix and Marc Elias · Febraury 17, 2022 Have you ever been curious about how nation-state actors operate and what their day-to-day work looks like? This blog reveals some of these details observed base...

How to Use OneDrive for Office 365 on Desktop

By Owais Sultan OneDrive is used to help organizations store files and documents. Learn how to use OneDrive for Office 365… This is a post from HackRead.com Read the original post: How to Use OneDrive for Office 365 on Desktop...

Google Drive accounted for 50% of malicious Office document downloads

By Deeba Ahmed OneDrive was responsible for 19% while 15% of malicious Microsoft Office documents were downloaded through Sharepoint in 2021.… This is a post from HackRead.com Read the original post: Google Drive accounted for 50% of malicious Office document downloads...

Microsoft OneDrive for Android security feature bypass vulnerability

Microsoft OneDrive is a cloud backup application from the US-based Microsoft Corporation Microsoft. The program has features such as automatic backup of photo albums, online office and file sharing.Microsoft OneDrive for Android has a security feature bypass vulnerability, no details of the...

CVE-2022-23255

Microsoft OneDrive for Android Security Feature Bypass Vulnerability...

CVE-2022-23255

Microsoft OneDrive for Android Security Feature Bypass Vulnerability...

Security feature bypass

Microsoft OneDrive for Android Security Feature Bypass Vulnerability...

CVE-2022-23255

CVE-2022-23255 corresponds to a security feature bypass in Microsoft OneDrive for Android. Connected sources (PT-2022-1677 and NCSC-2022-0103) describe an improper authorization flaw that allows bypassing security controls on OneDrive for Android, potentially enabling access to protected informat...

CVE-2022-23255 Microsoft OneDrive for Android Security Feature Bypass Vulnerability

...

Iranian Hackers Using New Marlin Backdoor in 'Out to Sea' Espionage Campaign

An advanced persistent threat APT group with ties to Iran has refreshed its malware toolset to include a new backdoor dubbed Marlin as part of a long-running espionage campaign that started in April 2018. Slovak cybersecurity company ESET attributed the attacks — codenamed "Out to Sea" — to a...

Description of the security update for SharePoint Enterprise Server 2016: February 8, 2022 (KB5002136)

Description of the security update for SharePoint Enterprise Server 2016: February 8, 2022 KB5002136 Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability, Microsoft SharePoint Server spoofing vulnerability, and Microsoft SharePoint Server securit...

Microsoft OneDrive for Android Security Feature Bypass Vulnerability

...

KLA12454 Multiple vulnerabilities in Microsoft Office

Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service, execute arbitrary code, bypass security restrictions, spoof user interface. Below is a complete list of vulnerabilities: 1. An...