Hexafusion Blog

Introduction

The era of AI-driven tools and technologies continues to expand, streamlining various aspects of our digital lives. Microsoft's AI-powered Copilot, initially designed as a coding assistant, is now taking a leap forward to make its mark on the broader productivity landscape. This article will explore the introduction of Microsoft's AI-Powered Copilot for Word, Outlook, and more, showcasing how this innovation will reshape the way we interact with these productivity tools.

In March 2023, Microsoft released its Patch Tuesday update, which addressed 80 vulnerabilities, including 9 critical ones. These vulnerabilities span a wide range of Microsoft products and services, from Microsoft Outlook to Windows Server.

One of the most pressing vulnerabilities in this release is in Microsoft Outlook, with CVE-2023-23397 already being exploited. External attackers could send specially crafted emails to leak Net-NTLMv2 hash information of the victim to the attacker. Microsoft recommends updating the system as soon as possible to prevent further exploitation of this vulnerability.

9 Zero-days Fixed - 3 Actively Exploited

Patch Tuesday is once again upon us. The Patch Tuesday, July 2021 brings us 117 fixes, 15 of which are rated as critical including a highly critical Microsoft Sharepoint Server RCE vulnerability. We've listed the most important changes below and listed all of the fixes included.

Microsoft released its Patch Tuesday, May 2021 with updates and security patches to fix 55 security flaws within Windows and other products. From these flaws, 4 are rated as critical and 3 are zero-day vulnerabilities.

3 Zero-Day Vulnerabilities Fixed

In their Patch Tuesday of May 2021, three publicly-disclosed zero-day vulnerabilities were patched:

• CVE-2021-31204 - .NET and Visual Studio Elevation of Privilege vulnerability
• CVE-2021-31207 - Exchange Server Security Bypass Feature Vulnerability
• CVE-2021-31200 - Common Utilities Remote Code Execution vulnerability.

Underground marketplace pricing on RDP server access, compromised payment card data and DDoS-For-Hire services are surging.

Cybercriminals are vying for Remote Desktop Protocol (RDP) access, stolen payment cards and DDoS-for-Hire services, based on a recent analysis of underground marketplace pricing.

During the COVID-19 pandemic, cybercriminals have profited with “increasingly advantageous positions to benefit from the disruption,” said researchers — and this has also been reflected on underground markets, where new services like targeted ransomware and advanced SIM swapping are popping up.

The ongoing, growing campaign is “effectively an attack on the United States and its government and other critical institutions,” Microsoft warned.

Source: https://krebsonsecurity.com/2020/12/malicious-domain-in-solarwinds-hack-turned-into-killswitch/

A key malicious domain name used to control potentially thousands of computer systems compromised via the months-long breach at network monitoring software vendor SolarWinds was commandeered by security experts and used as a “killswitch” designed to turn the sprawling cybercrime operation against itself, KrebsOnSecurity has learned.