Multiple cloud tenants hosting Microsoft Exchange servers have been compromised by malicious actors using OAuth apps to spread spam. Microsoft Exchange Servers Used to Spread Spam Image: Microsoft On September 23, 2022, it was stated in a  Microsoft Security blog post  that the attacker "threat actor launched credential stuffing attacks against high-risk accounts that didn’t have multi-factor authentication (MFA) enabled and leveraged the unsecured administrator accounts to gain initial access". By accessing the cloud tenant, the attacker was able to register a phony OAuth application with elevated permissions. The attacker then added a malicious inbound connector within the server, as well as transport rules, which gave them the ability to spread spam via targeted domains while evading detection. The inbound connector and transport rules were also deleted in between each campaign to help the attacker fly under the radar. Spam Campaigns Involving Malicious OAuth Apps Detected

A senior exec at Amazon Web Services has accused Microsoft of making cosmetic licence changes to appease regulators, but continuing to ensure its wares are more expensive when run in rivals' clouds. Matt Garman, a senior vice president for sales and market at AWS took to LinkedIn to share his opinion that "Customers and policy makers around the world increasingly see MSFT's recent licensing rhetoric as a troubling admission of the same anti-competitive tactics that many companies have been raising with them for years, but went unheeded until they were put before the European Commission." That's a reference to concessions Microsoft made in May 2022 after OVHcloud, Nextcloud, and other European cloud operators filed a class action lawsuit over issues including the fact that Microsoft charges less to run Windows in its own clouds than in rivals' facilities. Microsoft president Brad Smith described the software behemoth's change of stance as allowing licence p

Research reveals that around 80% of all malware attacks used MS Office flaws. Atlas VPN has shared its findings for Q1 2022, in which the company revealed startling stats about Microsoft Office. Reportedly, Microsoft Office has become the most commonly exploited software in  malware attacks . It is a fact that most Microsoft Office security flaws are publicly known which makes it easy for cybercriminals to exploit them. On the other hand, because most users ignore essential software updates, scammers can easily inject malicious code after exploiting security loopholes. CVE-2018-0802 CVE-2017-8570 CVE-2017-11882 According to researchers, some Microsoft Office vulnerabilities are being exploited more than others. These include the following: These flaws allow system infection, execute commands autonomically, and spread malware infection including the nasty Cobalt Strike one. Despite that security updates are available for these vulnerabilities, these still top the list of most exploited

The tech giant Microsoft has been reported to  bringing ads  to its  Xbox’s Free-to-Play games this year . Also, the company wouldn’t take any amount from generated ad revenue. Microsoft has recently added approx 17 new games, including Halo Infinite and The Matrix Awakens, to its free-to-play Xbox games. Earlier, Free-to-Play Xbox games were only accessed by Xbox subscription holders, but lately, the company has made them  accessible for everyone . But now we are getting why they did it. Microsoft to Place Ads in Xbox Free-to-Play Games to Help Developers Microsoft is planning a new ads model for their free-to-play games. Whether it includes some multiplayer games like  Fortnite ,  Apex Legends , and  Rocket League  while you are reading it, you might think it will ruin the experience of playing games, but  it will not . Because the ads might be placed include  billboards  and in other non-disturbing manner; for example, ads would be featured on billboards or on finishing lines in the

Well, if you remember, Microsoft introduced a new emoji picker on Windows 10. The new Emoji Picker was added in Windows 10’s fall creators update. The system-wide emoji picker allowed you to use Emojis on file and folder names. Now Microsoft is rolling out revamped emojis on its very new – Windows 11 operating system. Now the new Emoji are starting to become generally available in the new Windows 11 operating system . Compared to Windows 10 , Windows 11 now offers more modern and expressive emojis to use in your hybrid communication . This allows you to add fun, expression, and personality to your communications. {jistoc} $title={Table of Contents} Steps to Access Microsoft’s New Emoji in Windows 11 So, if you are interested in giving new Windows 11 emoji’s a try, you are reading the right guide. Here, we will share a detailed guide on how to access Microsoft’s new Emoji in Windows 11 . Let’s check out. Install the KB5007262 Update Well, the redesigned set of emojis is available on the

One of the most popular web browsers, Microsoft Internet Explorer, will shut down next year in June. The tech giant has confirmed this officially and said that  Internet Explorer would retire on June 15, 2022. However, the browser is not used in past years after more advanced browsers like Google Chrome, and Firefox came. Internet Explorer to Retire Next Year in June   A program manager from Microsoft Edge, Sean Lyndersay, has announced the end of the browser. In an official statement, he said,  “We are announcing that the future of Internet Explorer on Windows 10 is in Microsoft Edge. The Internet Explorer 11 desktop application will be retired and go out of support on June 15, 2022, for certain versions of Windows 10.” However, the company has confirmed that the LTSC (Lont-Term Serving Channel) of windows 10 will be continued for next year, and the consumer version support will be ended. Microsoft says, by August 2021, Internet Explorer 11 will not be supported by Microsoft 365 and o

According to a Google blog post, Chinese government-backed hackers pretended to be staff from cybersecurity provider McAfee and tricked users into installing malware on their devices. Google said that these hackers would prompt users to install a legitimate version of the McAfee software from GitHub and on the side the malware was surreptitiously installed into the system. Google’s Threat Analysis Group (TAG) that works on preventing cyber attacks identified the activity and instantly sent out a prominent warning. Google also said that the findings were shared with the Federal Bureau of Investigation (FBI). This particular threat comes just ahead of the US elections and threats like these have gradually been increasing over the months. Google sent out 10,316 warnings about government-backed attacks over July to September, the blog stated. In June this year, Google said that it had spotted phishing attacks targeted against personal email accounts of staffers on the Joe Biden and Donald