CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

	Microsoft shares temp fix for Outlook crashing when writing emails Description: Microsoft has shared a temporary fix for a known issue that causes classic Outlook to crash when writing, replying to, or forwarding an email. [...] Source: BleepingComputer January 20th, 2025 (5 months ago)
	Microsoft removes Assassin’s Creed Windows 11 upgrade blocks Description: Earlier this week, Ubisoft released Assassin's Creed Valhalla and Assassin's Creed Origins patches to fix Windows 11 24H2 compatibility issues that caused crashes, freezes, and audio problems. [...] Source: BleepingComputer January 18th, 2025 (5 months ago)
	Microsoft fixes Office 365 apps crashing on Windows Server systems Description: Microsoft has fixed a known issue that caused Microsoft 365 applications and Classic Outlook to crash on Windows Server 2016 or Windows Server 2019 systems. [...] Source: BleepingComputer January 17th, 2025 (5 months ago)
	Microsoft starts force upgrading Windows 11 22H2, 23H3 devices Description: Microsoft has started the forced rollout of Windows 11 24H2 to eligible, non-managed systems running the Home and Pro editions of Windows 11 22H2 and 23H2. [...] Source: BleepingComputer January 17th, 2025 (5 months ago)
	Star Blizzard Targets WhatsApp Accounts in Tricky QR Code Attack Description: Microsoft Threat Intelligence has uncovered a new spear-phishing campaign by the Russian threat actor Star Blizzard, marking a significant shift in their tactics. The campaign, observed in mid-November 2024, exploits WhatsApp’s account linking feature to gain unauthorized access to messages. This is the first time Star Blizzard has used WhatsApp as an attack vector, following … The post Star Blizzard Targets WhatsApp Accounts in Tricky QR Code Attack appeared first on CyberInsider. Source: CyberInsider January 17th, 2025 (5 months ago)
	New 'Sneaky 2FA' Phishing Kit Targets Microsoft 365 Accounts with 2FA Code Bypass Description: Cybersecurity researchers have detailed a new adversary-in-the-middle (AitM) phishing kit that's capable of Microsoft 365 accounts with an aim to steal credentials and two-factor authentication (2FA) codes since at least October 2024. The nascent phishing kit has been dubbed Sneaky 2FA by French cybersecurity company Sekoia, which detected it in the wild in December. Nearly 100 domains hosting Source: TheHackerNews January 17th, 2025 (5 months ago)
	Microsoft eggheads say AI can never be made secure – after testing Redmond's own products Source: TheRegister January 17th, 2025 (5 months ago)
	Microsoft expands testing of Windows 11 admin protection feature Description: Microsoft has expanded its Windows 11 administrator protection tests, allowing Insiders to enable the security feature from the Windows Security settings. [...] Source: BleepingComputer January 16th, 2025 (5 months ago)
CVE-2024-7344	New UEFI Secure Boot flaw exposes systems to bootkits, patch now Description: A new UEFI Secure Boot bypass vulnerability tracked as CVE-2024-7344 that affects a Microsoft-signed application could be exploited to deploy bootkits even if Secure Boot protection is active. [...] EPSS Score: 0.04% Source: BleepingComputer January 16th, 2025 (5 months ago)
	Researchers Find Exploit Allowing NTLMv1 Despite Active Directory Restrictions Description: Cybersecurity researchers have found that the Microsoft Active Directory Group Policy that's designed to disable NT LAN Manager (NTLM) v1 can be trivially bypassed by a misconfiguration. "A simple misconfiguration in on-premise applications can override the Group Policy, effectively negating the Group Policy designed to stop NTLMv1 authentications," Silverfort researcher Dor Segal said in a Source: TheHackerNews January 16th, 2025 (5 months ago)