New Windows 10 Feature Aims to Halt Ransomware
Microsoft is aiming to change the success rate of ransomware with a new security feature in Windows 10 that will define a set of folders that can only be accessed by approved apps. The feature is included in the latest interim build of Windows 10 and it comes at a time when large-scale ransomware campaigns such […]
UK Arrests Four in Tech Support Phone Scam
Police in the U.K. have arrested four people in connection with a fake tech support scam in which callers passed themselves off as representatives of Microsoft or other technology companies. Two men and two women were arrested as part of the investigation by City of London Police and Microsoft into the scheme, which has been […]
Petya-Derived Ransomware Is Acting Like Shamoon
UPDATE–Security researchers are continuing to delve into the details of the latest ransomware outbreak, and have found that the ExPetr ransomware has a number of interesting characteristics that separate it from other variants and raise questions about its purpose. The ExPetr or NotPetya ransomware shares some code and behavior with the older Petya ransomware, but researchers […]
Microsoft Makes Edge Bug Bounty Permanent
Microsoft is making the bug bounty for its Edge browser a permanent program, a significant change to the way the company incentivizes researchers to find vulnerabilities in the application. It’s been a little less than a year since Microsoft launched the bounty as a temporary offering with the Windows 10 Insider Preview. The idea was […]
DHS Points Finger at North Korea for Long Cyberattack Campaign
The United States government has issued a warning about an ongoing series of DDoS attacks and other cyber operations that it says began in 2009, and is pointing the finger squarely at North Korea. On Tuesday, the US-CERT, which is part of the Department of Homeland Security, published a technical alert in conjunction with the […]
Microsoft Releases Patches for Older Versions of Windows, Warns of Nation-State Attacks
Microsoft has taken the unusual step of issuing patches for a number of security vulnerabilities in older versions of Windows that the company says are “at heightened risk of exploitation” from nation-state attackers. As part of its normal Patch Tuesday update release, Microsoft released fixes for 16 vulnerabilities that affect several versions of Windows, including some that […]
Microsoft Patched Shadow Brokers Flaws Before Latest Disclosure
The latest release of exploits and vulnerabilities from the Shadow Brokers came as a surprise to many observers, but not to the security team at Microsoft. It turns out that the company already has patched most of the flaws in its products that were exposed in last week’s exploit dump. The Shadow Brokers have published […]
On the Wire Podcast: Mike Mimoso
It’s been a while since we’ve seen the kind of drama surrounding a Microsoft zero-day bug that we saw this week with the Word vulnerability. Details of the flaw began emerging last week and attackers have been targeting it for several months, but Microsoft didn’t saw a thing about it publicly until it patched the […]
Government, Cybercrime Attackers Target Word Flaw
At least two separate groups of attackers, with disparate motives, have been exploiting the Microsoft Word vulnerability disclosed several days ago. Researchers say that both government-backed attackers and cybercrime groups are targeting the flaw, installing high-level professional malware as well as banking malware. Microsoft on Tuesday released a patch for the vulnerability, but attackers have […]