Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
New FlowerStorm Microsoft phishing service fills void left by Rockstar2FA
Description: A new Microsoft 365 phishing-as-a-service platform called "FlowerStorm" is growing in popularity, filling the void left behind by the sudden shutdown of the Rockstar2FA cybercrime service. [...]
Source: BleepingComputer
December 23rd, 2024 (4 months ago)
Microsoft fixes bug behind random Office 365 deactivation errors
Description: ​Microsoft has rolled out a fix for a known issue that causes random "Product Deactivated" errors for customers using Microsoft 365 Office apps. [...]
Source: BleepingComputer
December 23rd, 2024 (4 months ago)
Microsoft 365 users hit by random product deactivation errors
Description: [...]
Source: BleepingComputer
December 19th, 2024 (5 months ago)
Windows 11 24H2 upgrades blocked on some PCs due to audio issues
Description: ​Microsoft has added another Windows 11 24H2 upgrade block for systems with Dirac audio improvement software due to compatibility issues breaking sound output. [...]
Source: BleepingComputer
December 19th, 2024 (5 months ago)
Microsoft says Auto HDR causes game freezes on Windows 11 24H2
Description: ​Microsoft is now blocking Windows 11 24H2 upgrades on systems with Auto HDR enabled due to a compatibility issue that causes game freezes. [...]
Source: BleepingComputer
December 19th, 2024 (5 months ago)
HubSpot phishing targets 20,000 Microsoft Azure accounts
Description: A phishing campaign targeting automotive, chemical, and industrial manufacturing companies in Germany and the UK is abusing HubSpot to steal Microsoft Azure account credentials. [...]
Source: BleepingComputer
December 18th, 2024 (5 months ago)
Malicious Microsoft VSCode extensions target devs, crypto community
Description: Malicious Visual Studio Code extensions were discovered on the VSCode marketplace that download heavily obfuscated PowerShell payloads to target developers and cryptocurrency projects in supply chain attacks. [...]
Source: BleepingComputer
December 18th, 2024 (5 months ago)
Hackers Use Microsoft MSC Files to Deploy Obfuscated Backdoor in Pakistan Attacks
Description: A new phishing campaign has been observed employing tax-themed lures to deliver a stealthy backdoor payload as part of attacks targeting Pakistan. Cybersecurity company Securonix, which is tracking the activity under the name FLUX#CONSOLE, said it likely starts with a phishing email link or attachment, although it said it couldn't obtain the original email used to launch the attack. "One of the
Source: TheHackerNews
December 18th, 2024 (5 months ago)
Attackers Exploit Microsoft Teams and AnyDesk to Deploy DarkGate Malware
Description: A new social engineering campaign has leveraged Microsoft Teams as a way to facilitate the deployment of a known malware called DarkGate. "An attacker used social engineering via a Microsoft Teams call to impersonate a user's client and gain remote access to their system," Trend Micro researchers Catherine Loveria, Jovit Samaniego, and Gabriel Nicoleta said. "The attacker failed to install a
Source: TheHackerNews
December 18th, 2024 (5 months ago)
CISA orders federal agencies to secure Microsoft 365 tenants
Description: ​CISA has issued this year's first binding operational directive (BOD 25-01), ordering federal civilian agencies to secure their Microsoft 365 cloud environments by implementing a list of required configuration baselines. [...]
Source: BleepingComputer
December 18th, 2024 (5 months ago)