Microsoft Support & Discussions
Free PC Help Forum Microsoft products support and discussions. If you need help with Microsoft Windows, Windows Server software, Microsoft 365, Microsoft Azure or any other Microsoft product you can post here. If you want to discuss Microsoft and their line of products you can do that here also.
84,928 topics in this forum
-
North Korean threat actor targets small and midsize businesses with H0lyGh0st ransomware
by Guest Microsoft 365 Defender Threat Intelligence Team- 0 replies
- 0 views
A group of actors originating from North Korea that Microsoft Threat Intelligence Center (MSTIC) tracks as DEV-0530 has been developing and using ransomware in attacks since June 2021. This group, which calls itself H0lyGh0st, utilizes a ransomware payload with the same name for its campaigns and has successfully compromised small businesses in multiple countries as early as September 2021. Along with their H0lyGh0st payload, DEV-0530 maintains an .onion site that the group uses to interact with their victims. The group’s standard methodology is to encrypt all files on the target device and use the file extension .h0lyenc, send the victim a sample of the files as proof…
-
Microsoft recognized as a Leader in UEM Software 2022 IDC MarketScape reports
by Guest Emma Jones- 0 replies
- 0 views
Competition for talent has increased pressure to lead in the digital space, and business decisions now weigh user experience for employees heavily among costs and benefits. Workers insist on experiences that mirror their personal experiences, often on their own devices. As enterprise computing has expanded beyond the cubicle, the need to manage the ensuing explosion of complexity, especially when it comes to device security, has raised the bar for technology and information business decision-makers. Microsoft has heard consistently that meeting these expanding needs with limited resources is job one. As new solutions seem to emerge as rapidly as the problem itself expa…
-
-
- FPCH Admin
- 0 replies
- 291 views
Microsoft uncovered a vulnerability in macOS that could allow specially crafted codes to escape the App Sandbox and run unrestricted on the system. We shared these findings with Apple through Coordinated Vulnerability Disclosure (CVD) via Microsoft Security Vulnerability Research (MSVR) in October 2021. A fix for this vulnerability, now identified as CVE-2022-26706, was included in the security updates released by Apple on May 16, 2022. Microsoft shares the vulnerability disclosure credit with another researcher, Arsenii Kostromin (0x3c3e), who discovered a similar technique independently. We encourage macOS users to install these security updates as soon as possible. …
Last reply by AWS, -
-
All Hands-on Deck: A Whole-of-Society Approach for Cybersecurity
by Guest Abhilasha Bhargav-Spantzel- 0 replies
- 0 views
The morning of June 9th, I was driving over the Golden Gate Bridge into San Francisco with my family. While crossing the bridge my children shared some facts about this modern engineering marvel. Each day, approx. 100,000 vehicles travel over the bridge deck, which weighs a staggering 150,000 tons, and is suspended by 250 pairs …
-
-
- FPCH Admin
- 0 replies
- 1 view
The morning of June 9th, I was driving over the Golden Gate Bridge into San Francisco with my family. While crossing the bridge my children shared some facts about this modern engineering marvel. Each day, approx. 100,000 vehicles travel over the bridge deck, which weighs a staggering 150,000 tons, and is suspended by 250 pairs of steel ropes.
Last reply by Cloaked, -
-
From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud
by Guest Paul Oliveria- 0 replies
- 0 views
A large-scale phishing campaign that used adversary-in-the-middle (AiTM) phishing sites stole passwords, hijacked a user’s sign-in session, and skipped the authentication process even if the user had enabled multifactor authentication (MFA). The attackers then used the stolen credentials and session cookies to access affected users’ mailboxes and perform follow-on business email compromise (BEC) campaigns against other targets. Based on our threat data, the AiTM phishing campaign attempted to target more than 10,000 organizations since September 2021. (Figure 1. Overview of AiTM phishing campaign and follow-on BEC.) Phishing remains to be one of the most common techn…
-
Microsoft Mitigates Azure Site Recovery Vulnerabilities
by Guest msrc- 0 replies
- 0 views
Summary: Microsoft recently mitigated a set of vulnerabilities in Azure Site Recovery (ASR) and released fixes today, July 12, as part of our regular Update Tuesday cycle. These vulnerabilities affect all ASR on-premises customers using a VMware/Physical to Azure scenario and are fixed in the latest ASR 9.49 release. We recommend customers update to the …
-
-
- FPCH Admin
- 0 replies
- 1 view
Summary: Microsoft recently mitigated a set of vulnerabilities in Azure Site Recovery (ASR) and released fixes today, July 12, as part of our regular Update Tuesday cycle. These vulnerabilities affect all ASR on-premises customers using a VMware/Physical to Azure scenario and are fixed in the latest ASR 9.49 release. We recommend customers update to the latest version of ASR at https://aka.
Last reply by Cloaked, -
-
-
- FPCH Admin
- 0 replies
- 226 views
The public anticipation surrounding Windows Autopatch has been building since we announced it in April. Fortunately for all, the wait is over. We are pleased to announce that this service is now generally available for customers with Windows Enterprise E3 and E5 licenses. Microsoft will continue to release updates on the second Tuesday of every month and now Autopatch helps streamline updating operations and create new opportunities for IT pros. Want to share the excitement? Watch this video to learn how Autopatch can improve security and productivity across your organization: What Is Autopatch? In case you missed the public preview announcement, Windows Autopatch…
Last reply by AWS, -
-
Introducing security for unmanaged devices in the Enterprise network with Microsoft Defender for IoT
by Guest Christine Barrett- 0 replies
- 0 views
How many IoT devices are used at your company? If yours is like most organizations, there are probably printers, scanners, and fax machines scattered around the office. Perhaps smart TVs are mounted at reception or in the break room to guide visitors and keep employees up-to-date on company events and news. Or maybe highly connected conference systems bring teams together to collaborate. For some organizations, IoT also includes operational technology (OT) devices used in industrial systems and critical infrastructure. You and your employees probably view these devices as tools to help operate more efficiently. Unfortunately, so do cybercriminals. While IoT devices can…
-
-
- FPCH Admin
- 0 replies
- 226 views
We are excited to share that Microsoft has been rated “Outstanding in Functionality” in the KuppingerCole Market Compass for Secure Collaboration, May 2022. Microsoft was also the only company to be awarded the highest possible score of “Strong Positive” in all five categories: security, deployment, interoperability, usability, and market standing for the Microsoft Purview Information Protection platform. The Secure Collaboration Market Compass report covers solutions that protect sensitive data, which includes intellectual property or information restricted to certain audiences (such as trade secrets, some legal contracts, agreements, and financial statements), al…
Last reply by AWS, -
-
-
- FPCH Admin
- 0 replies
- 237 views
Hive ransomware is only about one year old, having been first observed in June 2021, but it has grown into one of the most prevalent ransomware payloads in the ransomware-as-a-service (RaaS) ecosystem. With its latest variant carrying several major upgrades, Hive also proves it’s one of the fastest evolving ransomware families, exemplifying the continuously changing ransomware ecosystem. The upgrades in the latest variant are effectively an overhaul: the most notable changes include a full code migration to another programming language and the use of a more complex encryption method. The impact of these updates is far-reaching, considering that Hive is a RaaS payload t…
Last reply by AWS, -
-
- 0 replies
- 216 views
We've all had horrible customer service....tell us your bad customer service experiences!
Last reply by Nebulous, -
- 0 replies
- 214 views
How do you stop itchiness?
Last reply by Nebulous, -
-
- FPCH Admin
- 0 replies
- 261 views
Toll fraud malware, a subcategory of billing fraud in which malicious applications subscribe users to premium services without their knowledge or consent, is one of the most prevalent types of Android malware – and it continues to evolve. Compared to other subcategories of billing fraud, which include SMS fraud and call fraud, toll fraud has unique behaviors. Whereas SMS fraud or call fraud use a simple attack flow to send messages or calls to a premium number, toll fraud has a complex multi-step attack flow that malware developers continue to improve. For example, we saw new capabilities related to how this threat targets users of specific network operators. It per…
Last reply by AWS, -
-
Using process creation properties to catch evasion techniques
by Guest Microsoft 365 Defender Threat Intelligence Team- 0 replies
- 0 views
We developed a robust detection method in Microsoft Defender for Endpoint that can catch known and unknown variations of a process execution class used by attackers to evade detection. This class of stealthy execution techniques breaks some assumptions made by security products and enables attackers to escape antimalware scans by circumventing process creation callbacks using a legacy process creation syscall. Publicly known variations of this class are process doppelganging, process herpaderping, and process ghosting. Evasion techniques used by attackers often involve running malware within the context of a trusted process or hiding code from filesystem and memory sca…
-
Microsoft at RSA 2022: Envisioning the future of security
by Guest Emma Jones- 0 replies
- 0 views
Like most of you, I was glad to see the 2022 RSA Conference return to its in-person roots after a two-year digital hiatus. This year’s event was a great success, drawing 26,000 attendees to three days of cutting-edge security sessions, tutorials, seminars, and special events at Moscone Center in San Francisco. The conference included more than 600 speakers and 400-plus exhibitors, along with hundreds of media representatives. Microsoft Security was on the ground, interacting with customers and security professionals at Microsoft’s 20-plus earned sessions, as well as showcasing new solutions like Microsoft Entra that help realize our goal of comprehensive security. I wa…
-
- 0 replies
- 0 views
Under Coordinated Vulnerability Disclosure (CVD), cloud-security vendor Palo Alto Networks informed Microsoft of an issue affecting Service Fabric (SF) Linux clusters (CVE-2022-30137). The vulnerability enables a bad actor, with access to a compromised container, to escalate privileges and gain control of the resource’s host SF node and the entire cluster. Though the bug exists on …
-
How security leaders can help their teams avoid burnout
by Guest Christine Barrett- 0 replies
- 0 views
The security community is continuously changing, growing, and learning from each other to better position the world against cyberthreats. In the latest post of our Voice of the Community blog series, Microsoft Security Senior Product Marketing Manager Brooke Lynn Weenig talks with Maria Markstedter, Chief Executive Officer (CEO) of Azeria Labs, former Chief Product Officer (CPO) at Corellium, a Black Hat Review Board member, Forbes Person of the Year in Cybersecurity, and the author of a soon-to-be-published book on Arm assembly internals and reverse-engineering. The thoughts below reflect Maria’s views, not the views of Microsoft, and are not legal advice. In this blog p…
-
-
- FPCH Admin
- 0 replies
- 0 views
Under Coordinated Vulnerability Disclosure (CVD), cloud-security vendor Palo Alto Networks informed Microsoft of an issue affecting Service Fabric (SF) Linux clusters (CVE-2022-30137). The vulnerability enables a bad actor, with access to a compromised container, to escalate privileges and gain control of the resource’s host SF node and the entire cluster.
Last reply by Cloaked, -
-
4 breakthrough ideas for compliance and data security
by Guest Christine Barrett- 0 replies
- 0 views
Compliance management will never be easy, but there are ways to make it simpler and more transparent. Every year, organizations confront a growing volume and diversity of data and ever-evolving industry and government regulations. But the answer to more data, more devices, and more regulations isn’t more point security solutions. In fact, it may be possible to simplify compliance even as everything around you gets more complex. Through research and conversations with customers, we’ve identified four key data security challenges that many organizations face as they implement hybrid work and multicloud environments. You can dig into our findings and recommendations by si…
-
A Man of Action: Meet Callum Carney
by Guest Stephanie Calabrese- 0 replies
- 0 views
Hidden Talents: He was a competitive swimmer for many years. Instrument of Choice: His fingers were made for the keyboard, but he used to play the trumpet. 5 pieces of entertainment for the rest of his life: The Office, World War Z, The Matrix, Breaking Bad, The Thick of It. Favorite non-profit: RSPCA. How he …
-
-
- FPCH Admin
- 0 replies
- 0 views
Hidden Talents: He was a competitive swimmer for many years. Instrument of Choice: His fingers were made for the keyboard, but he used to play the trumpet. 5 pieces of entertainment for the rest of his life: The Office, World War Z, The Matrix, Breaking Bad, The Thick of It.
Last reply by Cloaked, -
-
Detecting malicious key extractions by compromised identities for Azure Cosmos DB
by Guest Christine Barrett- 0 replies
- 0 views
Azure Cosmos DB is a fully managed NoSQL cloud database service for modern app development. It offers a variety of advanced built-in features, such as automatic worldwide data replication, lightning-fast response types, and a variety of APIs. In this blog post, we describe security practices for securing access to Azure Cosmos DB and show how monitoring relevant control plane operations, when performed by Microsoft Defender for Azure Cosmos DB, can help detect potentially compromised identities. Authentication and authorization: Operating Azure Cosmos DB databases requires valid credentials to be provided for each request. The main type of credentials is a pair of …
-
Microsoft Defender for Office 365 receives highest award in SE Labs Enterprise Email Security Services test
by AWS-
- FPCH Admin
- 0 replies
- 226 views
In today’s evolving threat landscape, email represents the primary attack vector for cybercrime, making effective email protection a key component of any security strategy. In Q1 2022, Microsoft participated in an evaluation of email security solutions, carried out by SE Labs—a testing lab focused on assessing the efficacy of security solutions. In their latest Enterprise Email Security Services test, they evaluated email security vendors against a range of real-world email attack scenarios. Today we are excited to share that Microsoft received an AAA Protection Award for Microsoft Defender for Office 365, the highest possible award that vendors can achieve in this…
Last reply by AWS, -