Microsoft – Page 2 – PossibleThreat Articles

What a future without browser cookies looks like

February 7, 2024 0 Comments Browsers, Data privacy, facebook, Google, Microsoft, Privacy, regulation

Most online users have experienced it. You do an online search for healthcare purposes, travel information, or something to buy and soon you’re being bombarded with emails and targeted online ads for everything related to your search. That’s because browser cookies were tracking you as you performed your searches; they identified you and your activity.

Over the past few years, the online advertising industry has been undergoing a sea change as regulators restricted how cookies can be used and browser providers moved away from their use in response to consumer outcries over privacy.

“They often feel surveilled; some even find it ‘creepy’ that a website can show them ads related to their behavior elsewhere,” according to a recent study by the HEC Paris Business School.

To read this article in full, please click here

MalwareBytes Security

Hewlett Packard Enterprise also searched by Cozy Bear

January 29, 2024 0 Comments cozy bear, hewlett packard, Microsoft, news

Hewlett Packard Enterprise revealed in a filing that it was breached by Russian group Cozy Bear, similar to Microsoft.

ComputerWorld Independent

Russia hacks Microsoft: It’s worse than you think

January 29, 2024 0 Comments Government IT, Microsoft, regulation, Security, small and medium business, Windows

Another day, another hack of Microsoft technology. Ho-hum, you might think, this has happened before and will happen again — as surely as the sun rises in the morning and sets at night.

This time is different. Because this time the targets weren’t Microsoft customers, but rather the top echelons of Microsoft itself. And the hacker group, called Midnight Blizzard, or sometimes Cozy Bear, the Dukes, or A.P.T. 29, is sponsored by Russia’s Foreign Intelligence Service (and has been since at least 2008).

To read this article in full, please click here

MalwareBytes Security

Microsoft got hacked by state sponsored group it was investigating

January 23, 2024 0 Comments apt 29, cozy bear, Microsoft, midnight blizzard, news, solarwinds

Microsoft has acknowledged a cyberattack by Russians state sponsored group Cozy Bear who, it says, was looking how much information Microsoft holds about Cozy Bear.

Security Sophos

2024’s first Patch Tuesday steps lightly

January 13, 2024 0 Comments featured, kerberos, Microsoft, Patch Tuesday, security feature bypass, threat research, Windows

Credit to Author: Angela Gunn| Date: Tue, 09 Jan 2024 22:03:14 +0000

Four dozen fixes and a handful of advisories make for the quietest January since 2020

ComputerWorld Independent

For Patch Tuesday, 48 updates, no zero-day flaws

January 13, 2024 0 Comments Microsoft, Security, small and medium business, Windows

Microsoft has eased us into the new new year with just 48 updates for the Windows, Office and .NET platforms. There were no zero-days for January, and no reports of publicly exposed vulnerabilities or exploited security issues.

Developers of complex, line-of-business applications might need to pay particular attention to how Microsoft has updated the Message Queue system. Printing has been patched and minor updates to bluetooth and Windows shell sub-systems (shortcuts and wallpaper) require some testing before deployment.

The team at Readiness has crafted a useful infographic that outlines the risks associated with each of the updates for this January release.

To read this article in full, please click here

MalwareBytes Security

Patch now! First patch Tuesday of 2024 is here

January 13, 2024 0 Comments cve-2024-20674, cve-2024-20677, cve-2024-20700, Exploits and vulnerabilities, fbx, Hyper-V, kerberos, Microsoft, news, Patch Tuesday

Microsoft’s patch Tuesday roundup looks like a relatively quiet one. Unless your organization uses FBX files.

MalwareBytes Security

Microsoft disables ms-appinstaller after malicious use

January 13, 2024 0 Comments iabs, Microsoft, ms-appinstaller, news, Ransomware, search ads, seo poisoning, Social engineering

Microsoft decided to disable App Installer links by default after it noticed several access brokers using the handler to spread malware.

ComputerWorld Independent

For December, an exceptionally light Patch Tuesday

December 15, 2023 0 Comments Microsoft, Security, small and medium business, Windows

Over the past year, we’ve seen Microsoft make radical improvements in its browser stability and significant positive changes to its Windows update communication and telemetry strategies. And this month’s Patch Tuesday release brings with it an incredibly light set of updates — maybe the fewest number of updates I have ever seen.

There are no zero-days, which is a great finish to 2023, though Windows gets three critical updates and Visual Studio will require immediate attention due to several re-releases of past critical application patches.

The team at Readiness has created a helpful infographic to outline the risks associated with each update in this last release of 2023. One note of caution: we have seen several potential updates to older patches (October/November) potentially coming down the release pipeline from Microsoft. It might be worth checking in during the upcoming holiday break to see whether there are any out-of-band patches for the Windows ecosystem.

To read this article in full, please click here

MalwareBytes Security

Microsoft patches 34 vulnerabilities, including one zero-day

December 13, 2023 0 Comments amd, cve-2023-35628, cve-2023-50164, Exploits and vulnerabilities, Microsoft, mshtml, news

Microsoft and other vendors have released their rounds of December updates on or before patch Tuesday. Update now!