Microsoft Corp. today released software updates to plug four critical security holes that attackers have been using to plunder email communications at companies that use its Exchange Server products. The company says all four flaws are being actively exploited as part of a complex attack chain deployed by a previously unidentified Chinese cyber espionage group.

Read More Microsoft: Chinese Cyberspies Used 4 Exchange Server Flaws to Plunder Emails

Microsoft has detected multiple 0-day exploits being used to attack on-premises versions of Microsoft Exchange Server in limited and targeted attacks. In the attacks observed, threat actors used this vulnerability to access on-premises Exchange servers, which enabled access to email accounts, and install additional malware to facilitate long-term access to victim environments. Microsoft Threat Intelligence Center (MSTIC) attributes this campaign with high confidence to HAFNIUM.

The post HAFNIUM targeting Exchange Servers with 0-day exploits appeared first on Microsoft Security.

Read More HAFNIUM targeting Exchange Servers with 0-day exploits

The popular jailbreaking tool called “unc0ver” now supports iOS 14.3 and earlier releases, and is able to unlock almost every iPhone device. Pwn20wnd, the author of the jailbreaking tool “unc0ver,” has updated their software to support iOS 14.3 and earlier releases. The latest release of the jailbreaking tool, unc0ver v6.0.0, now includes the exploit code […]

The post Pwn20wnd released the unc0ver v 6.0 jailbreaking tool appeared first on Security Affairs.

Read More Pwn20wnd released the unc0ver v 6.0 jailbreaking tool

French multinational dairy products corporation Lactalis disclosed a cyberattack, but claimed that it had no evidence of a data breach. France-based dairy giant Lactalis announced that it was hit by a cyber attack, but claimed that it had found no evidence of a data breach. Lactalis employs more than 80,000 people worldwide, at more than 230 production […]

The post French multinational dairy Lactalis hit by a cyber attack appeared first on Security Affairs.

Read More French multinational dairy Lactalis hit by a cyber attack

Learn more about the latest Azure Active Directory innovations that will allow you to deliver a secure and seamless experience to your users and help you stay prepared for whatever comes next.

The post Identity at Microsoft Ignite: Strengthening Zero Trust defenses in the era of hybrid work appeared first on Microsoft Security.

Read More Identity at Microsoft Ignite: Strengthening Zero Trust defenses in the era of hybrid work

Today we’re excited to share with you several new innovations across four key areas—identity, security, compliance, and skilling—to give you the holistic security protection you need to meet today’s most challenging security demands.

The post 4 ways Microsoft is delivering security for all in a Zero Trust world appeared first on Microsoft Security.

Read More 4 ways Microsoft is delivering security for all in a Zero Trust world

New Microsoft compliance capabilities enable you to extend data protection and governance across apps, endpoints, and platforms to keep your people collaborative and productive, while ensuring your most valuable asset—your data—remains secure and compliant wherever it lives.

The post Securing and governing data in a new hybrid work reality appeared first on Microsoft Security.

Read More Securing and governing data in a new hybrid work reality

Recorded Future researchers uncovered a campaign conducted by the Chinese APT41 group targeting critical infrastructure in India. Security researchers at Recorded Future have spotted a suspected Chinese APT actor targeting critical infrastructure operators in India. The list of targets includes power plants, electricity distribution centers, and seaports in the country. The attacks surged while relations between […]

The post Alleged China-linked APT41 group targets Indian critical infrastructures appeared first on Security Affairs.

Read More Alleged China-linked APT41 group targets Indian critical infrastructures

This is weird:

Once an hour, infected Macs check a control server to see if there are any new commands the malware should run or binaries to execute. So far, however, researchers have yet to observe delivery of any payload on any of the infected 30,000 machines, leaving the malware’s ultimate goal unknown. The lack of a final payload suggests that the malware may spring into action once an unknown condition is met.

Also curious, the malware comes with a mechanism to completely remove itself, a capability that’s typically reserved for high-stealth operations. So far, though, there are no signs the self-destruct feature has been used, raising the question of why the mechanism exists…

Read More Mysterious Macintosh Malware

JFC International, a major wholesaler and distributor of Asian food products in the United States, was hit by ransomware. JFC International, a major distributor and wholesaler of Asian food products, announced it has recently suffered a ransomware attack. The ransomware attack only impacted JFC International’s Europe Group; the malware caused the disruption of some of its IT […]

The post Distributor of Asian food JFC International hit by Ransomware appeared first on Security Affairs.

Read More Distributor of Asian food JFC International hit by Ransomware

Also known as SIM splitting, simjacking, SIM hijacking, and port-out scamming, SIM swapping is a type of fraud that targets your personal information so that cybercriminals can pass themselves off as you and access your bank accounts. In short, the fra…

Read More What is SIM Swapping?