Tag Microsoft

Zero-Day Exploit in Internet Explorer Used for Targeted Watering Hole Attacks on Japanese Users

Sep 24, 2013

Attackers are leveraging a zero-day vulnerability, CVE-2013-3893, in Microsoft’s Internet Explorer browser to target Japanese users through compromised popular news websites. According to FireEye, at least three major Japanese media outlets fell victim to these watering hole attacks, part of an operation dubbed “DeputyDog,” which appears to focus on manufacturers, government entities, and media organizations within Japan. The compromised sites experienced over 75,000 page views before the exploits were detected. This vulnerability in Internet Explorer versions 8 and 9 enables the covert installation of malware on users’ devices, granting hackers remote access. Typically, these attackers deploy Trojans tailored for targeted operations aimed at stealing intellectual property. Researchers identified a payload disguised as an image file hosted on a Hong Kong server that was used against a Japanese target. The attacks were uncovered just two days after Microsoft disclosed the vulnerability.

Zero-Day Exploit Targets Japanese Users via Watering Hole Attacks

In a significant cybersecurity incident reported on September 24, 2013, a zero-day vulnerability identified as CVE-2013-3893 in Microsoft’s Internet Explorer browser has been exploited through a series of watering hole attacks intended to compromise Japanese users. Attackers have reportedly targeted at…

Microsoft Alerts Users to Cross-Account Takeover Vulnerability in Azure Container Instances

On September 10, 2021, Microsoft announced that it had fixed a security flaw in its Azure Container Instances (ACI) service that could be exploited by malicious actors to gain unauthorized access to information from other customers. Researchers referred to this vulnerability as the “first cross-account container takeover in the public cloud.” An attacker could use this weakness to execute harmful commands on other users’ containers, potentially stealing customer secrets and deployed images. Microsoft did not provide further details about the flaw but advised affected customers to “revoke any privileged credentials that were deployed to the platform before August 31, 2021.” Azure Container Instances enables users to run Docker containers directly in a serverless cloud environment without the need for virtual machines, clusters, or orchestration tools. Palo Alto Networks’ Unit 42 threat intelligence team identified the vulnerability…

Microsoft Identifies Vulnerability in Azure Container Instances Leading to Potential Cross-Account Breach

On September 8, 2021, Microsoft announced the mitigation of a critical vulnerability in its Azure Container Instances (ACI) service that posed a significant threat to the security of multiple customers. This flaw, noted by researchers as the “first…

Microsoft Issues Update for Actively Exploited Windows Zero-Day Vulnerability

On September 15, 2021, Microsoft released crucial software updates as part of its monthly Patch Tuesday cycle to address 66 security vulnerabilities across Windows and other platforms, including Azure, Office, BitLocker, and Visual Studio. Among these was an actively exploited zero-day flaw in the MSHTML Platform that surfaced last week. Of the 66 vulnerabilities, three are categorized as Critical, 62 as Important, and one as Moderate. Additionally, the company resolved 20 vulnerabilities in the Chromium-based Microsoft Edge browser earlier this month. Notably, the most critical update targets CVE-2021-40444 (CVSS score: 8.8), a remote code execution vulnerability in MSHTML that can be exploited through malicious Microsoft Office documents; experts note that the exploit takes advantage of logical flaws.

Microsoft Issues Critical Patch for Windows Zero-Day Vulnerability

On September 15, 2021, Microsoft announced a series of crucial software updates designed to address 66 security vulnerabilities across Windows and various applications, such as Azure, Office, BitLocker, and Visual Studio. This action follows recent urgent security patches released by Apple and…

New Windows Vulnerability Exposes Devices to Rootkit Installation by Hackers

New Microsoft Windows Vulnerability Could Enable Rootkit Installation by Hackers

September 23, 2021

Security researchers have identified a critical vulnerability in the Microsoft Windows Platform Binary Table (WPBT) that poses risks to all devices operating on Windows since the release of Windows 8. This unpatched flaw could allow attackers to…

Anthropic’s Mythos Will Spark a Cybersecurity Reckoning—But Not How You Expect

Anthropic Launches Claude Mythos Preview: A New Development in Cybersecurity Risks

This week, Anthropic unveiled its Claude Mythos Preview model, heralded as a significant milestone in the evolution of cybersecurity. The company asserts that this new technology poses an unprecedented existential threat to current software defense mechanisms, sparking debates about…

Microsoft Announces Fix for 80 Security Vulnerabilities, Including Critical SMB Privilege Escalation and Azure CVSS 10.0 Issues

On September 10, 2025, Microsoft released patches for 80 security flaws across its software. This update includes one vulnerability that had already been disclosed publicly. Among these, eight are classified as Critical, while 72 are deemed Important. Fortunately, none were exploited in the wild as zero-day vulnerabilities. Similar to the previous month, 38 flaws are linked to privilege escalation, followed by 22 related to remote code execution, 14 concerning information disclosure, and 3 classified as denial-of-service. “For the third time this year, Microsoft has addressed more privilege escalation vulnerabilities than remote code execution issues,” noted Satnam Narang, Senior Staff Research Engineer at Tenable. “Almost half (47.5%) of the vulnerabilities this month are related to privilege escalation.” This patch release also includes updates to 12 vulnerabilities in Microsoft’s Chromium-based Edge browser since August 2025’s Patch Tuesday.

Microsoft Addresses 80 Security Flaws, Including Critical SMB Privilege Escalation and Azure Vulnerabilities

On September 10, 2025, Microsoft released patches for 80 identified security vulnerabilities in its software ecosystem. Among these flaws, eight have been classified as Critical, while the remaining 72 are deemed Important in terms of severity. Notably,…

Senator Wyden Calls for FTC Investigation into Microsoft Over Ransomware-Related Cybersecurity Failures

U.S. Senator Ron Wyden is urging the Federal Trade Commission (FTC) to investigate Microsoft for what he describes as “gross cybersecurity negligence” that has facilitated ransomware attacks on critical U.S. infrastructure, particularly targeting healthcare networks. In a detailed four-page letter to FTC Chairman Andrew Ferguson, Wyden warned that Microsoft’s lax cybersecurity practices, combined with its near-monopoly in the enterprise operating system market, create a significant national security risk, making further attacks likely. He likened Microsoft’s behavior to that of “an arsonist selling firefighting services to their victims.” This request follows new revelations from the healthcare provider Ascension, which experienced a devastating ransomware attack last year, compromising personal and medical data of nearly 5.6 million individuals.

Senator Wyden Calls for FTC Investigation into Microsoft Over Cybersecurity Negligence Linked to Ransomware Attacks

September 11, 2025

U.S. Senator Ron Wyden has formally requested the Federal Trade Commission (FTC) to investigate Microsoft, alleging severe cybersecurity negligence that has facilitated ransomware assaults on critical U.S. infrastructure, notably in the healthcare…

Storm-1175 Launches Medusa Ransomware Just 24 Hours After Vulnerability Revealed

A notorious hacking group known as Storm-1175 is wreaking havoc on a global scale by deploying the destructive Medusa ransomware. Microsoft Threat Intelligence has identified this group as particularly adept at exploiting the narrow window between the discovery of a security vulnerability and the implementation of a patch. Research from…
