Tag Archives: Microsoft

Tens of thousands of Microsoft Exchange servers are vulnerable to a flaw that is already being abused in the wild, experts have warned.

The vulnerability, tracked as CVE-2024-21410, is a privilege escalation flaw that allows threat actors to perform NTLM relay attacks on Microsoft Exchange Servers and escalate their privileges on the target endpoint. As a result, they could steal sensitive information and confidential data being shared via email, or could use the access as a stepping stone for more devastating attacks. 

Hackers are going after highly-positioned professionals, including senior executives, with targeted phishing and cloud account takeover attacks, new research has claimed.

A report from Proofpoint outlined a new campaign to compromise Microsoft Azure environments and cloud accounts since late November 2023.

On February 2024 Patch Tuesday, Microsoft has delivered fixes for 72 CVE-numbered vulnerabilities, including two zero-days (CVE-2024-21412, CVE-2024-21351) that are being leveraged by attackers in the wild.

About CVE-2024-21412 and CVE-2024-21351

CVE-2024-21412 allows attackers to bypass the Microsoft Defender SmartScreen security feature with booby-trapped Internet Shortcut files.

In late December 2023, Trend Micro researcher Peter Girnus and his colleagues in the ZDI Threat Hunting team discovered the Water Hydra APT leveraging the flaw to infect victims with the DarkMe malware.

(Several other researchers, including two from Google’s Threat Analysis Group, reported the same vulnerability to Microsoft.)

“Water Hydra deployed a spearphishing campaign on forex trading…

The hype doesn’t stop: Palworld has been enjoying more and more success since the early access release on Steam and also in Game Pass. Now Microsoft wants to jump on this bandwagon and support Palworld in its further development.

Quelle: Pocket Pair

In addition to its success on the Steam platform, Palworld has also achieved significant recognition on Xbox Game Pass. With a player base of over seven million, Palworld has established itself as the most successful third-party title on Xbox Game Pass. Additionally, the game holds the record for the highest number of first-time users in a single day on the Xbox Cloud Gaming game streaming service among third-party games.

Please accept YouTube cookies to play this video. If you accept this, you will access content from YouTube, a…

Microsoft is preparing to tweak today’s Windows PC keyboards to make room for generative AI: Meet the Copilot Key. 

The key is designed to automatically trigger the Copilot program on Windows 11, giving users quick access to Microsoft’s ChatGPT-powered virtual assistant. “This will not only simplify people’s computing experience but also amplify it, making 2024 the year of the AI PC,” the company says.

Microsoft touts the Copilot key as the biggest change to the PC keyboard layout since the company introduced the Windows logo key in 1994, which pulls up the Start Menu. 

(Microsoft)

Copilot landed on Windows 11 in September. It’s accessible through an icon on the taskbar, but Microsoft is so bullish on generative AI, it decided Copilot deserved a spot as a hardware-based…