Trojan:Win32/Vigorf.A Analysis & Removal Guide

Trojan:Win32/Vigorf.A is able to infiltrate the computer system, install additional malware and remain undetected by antivirus programs.

Trojan:Win32/Vigorf.A is a generic detection of Microsoft Defender. This detection commonly identifies a running loader malware that may deal significant harm to the system. In this article, let’s find out how dangerous Vigorf.A is and how to get rid of it. What is Trojan:Win32/Vigorf.A? Trojan:Win32/Vigorf.A is the detection name that Microsoft Defender attributes to dropper/loader…

Microsoft is Hacked, Again by Midnight Blizzard

The company says it was repeatedly hacked through the use of leaked auth secrets

Microsoft acknowledges being hacked for the second time this year by the same Russian state-sponsored group, Midnight Blizzard. The company confirms that this new breach is the outcome of the previous one, as hackers were able to get their hands on access secrets. Microsoft Hacked, Source Code Leaked In its 8-K filing to the SEC, Microsoft…

Windows SmartScreen Vulnerability Exploited to Spread Phemedrone Stealer

A once-patched vulnerability in Microsoft Windows Defender SmartScreen has resurfaced

The malicious campaign exploits the CVE-2023-36025 vulnerability in Microsoft Windows Defender SmartScreen to spread Phemedrone Stealer. It utilizes intricate evasion techniques to bypass traditional security measures and target sensitive user information. Phemedrone Stealer Campaign Exploits CVE-2023-36025 Trend Micro researchers uncovered a malware campaign exploiting the CVE-2023-36025 vulnerability in Microsoft Windows Defender SmartScreen. This campaign involves…

Microsoft Disables MSIX App Installer Protocol

Attackers have found a way to exploit a previously patched vulnerability.

Microsoft reportedly disabled MSIX installer protocol in Windows, due to its exploitation in real-world cyberattacks. Hackers found a way to misuse the protocol to install malicious software, bypassing anti-malware software detection. MSIX Installer Protocol Exploited The emergence of a malware kit market, exploiting the MSIX file format and ms-app installer protocol is nothing new. However,…

Cactus Ransomware Attacks – Microsoft Alerts

Microsoft warns of Cactus ransomware actors using malvertising to infect victims

Microsoft has raised the alarm about a growing wave of ransomware attacks utilizing malvertising tactics to spread Cactus ransomware. The sophisticated malware campaign hinges on deploying DanaBot as an initial access vector, orchestrated by the ransomware operator Storm-0216, also known as Twisted Spider or UNC2198. Cactus Ransomware Deployed by DanaBot Microsoft’s Threat Intelligence team has…

What is Microsoft Security Warning Scam?

Fake Microsoft tech support pages and phishing landings are hosted on Microsoft services

Fraudsters massively employ Microsoft Azure hosting to launch Microsoft Security scam pages. They range from a scary warning that blocks your browser window to phishing pages indistinguishable from the real ones. Let’s see the most typical types of these scams and their features. What is Windows Defender Security Warning? Fake Windows Defender Security Warning (Microsoft Security…

Octo Tempest Threat Actor – The Most Dangerous Cybercrime Gang?

Octo Tempest stands as one of the most perilous financial hacking groups in the cybersecurity landscape, posing significant threats to organizations worldwide.

Octo Tempest, a financially-motivated hacking group, has been labeled “one of the most dangerous financial criminal groups” by Microsoft. Known as UNC3944 and 0ktapus, the group has gained attention for bold cyber attacks. What is Octo Tempest Cybercrime Gang? Octo Tempest’s journey into the world of cybercrime is an intriguing one. Only a few months…

Fake Amazon and Microsoft Tech Support call centers busted

India has declared war on fake tech support services that extort money from users worldwide.

Amazon and Microsoft are partnering with CBI to crack down on multiple tech support call center scams across India. These call centers target customers of Amazon and Microsoft, two of the largest companies in the tech industry, and have defrauded more than 2,000 Amazon and Microsoft customers, mainly in the US. Fake Amazon and Microsoft…

Luca Stealer Spreads Via a Phishing Microsoft Crypto Wallet Site

A new phishing campaign targeting cryptocurrency users

With the ever-increasing number of cyber threats, hackers and cybersecurity specialists are taking the initiative. This time, cybercriminals got ahead of the curve. They created a phishing website to coincide with the news that Microsoft was developing a crypto wallet exclusively for its Edge browser. Such a scheme is used to spread Luca Stealer. Microsoft…

Microsoft “nOAuth” is Vulnerable to Simple Email Spoofing

Vulnerability in nOAuth Azure Active Directory that allows adversaries to use the "Log In with Microsoft" feature.

In June, researchers revealed a vulnerability in Azure Active Directory and third-party apps called “nOAuth,” that could result in a complete account takeover. This is just one of the many vulnerabilities in Microsoft software and systems like Active Directory that can be exploited, putting organizations at risk. Although Microsoft has responded to the vulnerability, developers…