Tag Microsoft

Russian Cybercrime Groups Capitalizing on 7-Zip Vulnerability to Circumvent Windows MotW Protections

A newly addressed security vulnerability in the popular 7-Zip archiving tool has been actively exploited to distribute the SmokeLoader malware, raising significant concerns in the cybersecurity community. This vulnerability, identified as CVE-2025-0411, has a CVSS score of 7.0 and enables remote attackers to bypass mark-of-the-web (MotW) protections and run arbitrary…

Read MoreRussian Cybercrime Groups Capitalizing on 7-Zip Vulnerability to Circumvent Windows MotW Protections

Microsoft Reports Over 200 Cyberattacks from Russia Targeting Ukraine

Recent reports indicate that from February 23 to April 8, a coalition of at least six Russia-aligned cyber actors executed over 237 cyberattacks targeting Ukraine. Among these attacks, 38 were particularly destructive, resulting in irreversible data loss across various organizations within the nation. The objective of these cyber operations appears…

Read MoreMicrosoft Reports Over 200 Cyberattacks from Russia Targeting Ukraine

Google’s New AI Ransomware Defense: Effective, but Limited

Ransomware attacks have increasingly become a pressing digital threat as their sophistication grows, extending beyond traditional data-encrypting malware to include data grab-and-leak tactics. While the conventional form of ransomware that encrypts data and demands a ransom remains prevalent, Google has recently introduced a new defense mechanism for its Drive for…

Read MoreGoogle’s New AI Ransomware Defense: Effective, but Limited

Who’s Overseeing the Machines? The Unowned Identity Crisis

Identity & Access Management, Security Operations Machine Identities Surpass Human Ones, Yet Accountability Remains Inadequate Rashmi Ramesh (rashmiramesh_) • September 29, 2025 Image: Shutterstock The rapidly growing segment of users within enterprises often goes unnoticed in human resources systems. This group primarily operates through service accounts, API keys, bots, and…

Read MoreWho’s Overseeing the Machines? The Unowned Identity Crisis

Microsoft Neutralizes Iran-Based Lebanese Hackers Targeting Israeli Firms

Microsoft recently announced that it has taken action to mitigate harmful activities linked to a previously unidentified hacker group known as Polonium. This group has been exploiting OneDrive for malicious purposes, prompting Microsoft to intervene. In addition to terminating the accounts connected to this Lebanon-based group, the Microsoft Threat Intelligence…

Read MoreMicrosoft Neutralizes Iran-Based Lebanese Hackers Targeting Israeli Firms

An App Designed to Dox Critics of Charlie Kirk Ended Up Doxing Its Own Users Instead

Recent findings reveal that the US Department of Homeland Security (DHS) has amassed DNA data from nearly 2,000 American citizens in recent years. This accumulation raises significant concerns regarding legal implications and the level of oversight involved, especially since the collected genetic material has been entered into an FBI crime…

Read MoreAn App Designed to Dox Critics of Charlie Kirk Ended Up Doxing Its Own Users Instead

Microsoft Addresses Actively Exploited Privilege Escalation Vulnerability in Power Pages

Microsoft Addresses Critical Vulnerabilities in Bing and Power Pages Microsoft has issued security updates to resolve two critical vulnerabilities affecting its Bing search engine and Power Pages platform, one of which is currently being actively exploited. The release highlights ongoing concerns in the cybersecurity landscape as attackers increasingly target widely…

Read MoreMicrosoft Addresses Actively Exploited Privilege Escalation Vulnerability in Power Pages