Microsoft

OAuth redirection abuse enables phishing and malware delivery

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users ...
Redmond Magazine

Microsoft Defender for Identity Adds More Certificate Abuse Detections

Microsoft Defender for Identity now has a new sensor to further detect certificate abuses by attackers, per a Wednesday announcement. The new sensor gets deployed on Active Directory Certificate ...
Business Wire

CyberArk Integration with Microsoft Defender for Identity Speeds Identification and Containment of Cyber Threats

NEWTON, Mass. & PETACH TIKVA, Israel--(BUSINESS WIRE)--CyberArk (NASDAQ: CYBR) today announced a new integration between CyberArk Privileged Access Manager (PAM) and Microsoft Defender for Identity, ...

OAuth phishers make ‘check where the link points’ advice ineffective

Microsoft has identified a phishing campaign using malformed links to legitimate OAuth services to redirect to malware ...
Microsoft

AI as tradecraft: How threat actors operationalize AI

Threat actors are operationalizing AI to scale and sustain malicious activity, accelerating tradecraft and increasing risk for defenders, as illustrated by recent activity from North Korean groups ...
Windows Report

Hackers Abused Legit Certificates to Sneak Into Work PCs

A fake company bought a valid EV certificate, signed malware, and helped criminals keep remote access to enterprise PCs.
WTOP News

Data Doctors: Deficiencies in Windows Defender and a possible alternative

Q: What does Trend Micro’s Internet Security do over Windows Defender? A: Cyber threats today aren’t just about viruses. Phishing scams, ransomware attacks and identity theft are all evolving, making ...