Krebs on Security » microsoft

In December 2022, KrebsOnSecurity broke the news that a cybercriminal using the handle "USDoD" had infiltrated the FBI's vetted information sharing network InfraGard, and was selling the contact ...

https://krebsonsecurity.com/2023/09/fbi-hacker-dropped-stolen-airbus-data-on-9-11/

Microsoft today issued software updates to fix at least five dozen security holes in Windows and supported software, including patches for two zero-day vulnerabilities that are already being expl...

https://krebsonsecurity.com/2023/09/adobe-apple-google-microsoft-patch-0-day-bugs/

Microsoft Corp. today issued software updates to plug more than 70 security holes in its Windows operating systems and related products, including a patch that addresses multiple zero-day vulnera...

https://krebsonsecurity.com/2023/08/microsoft-patch-tuesday-august-2023-edition/

One frustrating aspect of email phishing is the frequency with which scammers fall back on tried-and-true methods that really have no business working these days. Like attaching a phishing email ...

https://krebsonsecurity.com/2023/08/teach-a-man-to-phish-and-hes-set-for-life/

We learned some remarkable new details this week about the recent supply-chain attack on VoIP software provider 3CX, a complex, lengthy intrusion that has the makings of a cyberpunk spy novel: No...

https://krebsonsecurity.com/2023/04/3cx-breach-was-a-double-supply-chain-compromise/

Let's face it: Having “2022 election” in the headline above is probably the only reason anyone might read this story today. Still, while most of us here in the United States are anxiously awa...

https://krebsonsecurity.com/2022/11/patch-tuesday-november-2022-election-edition/

Apple, Google and Microsoft announced this week they will soon support an approach to authentication that avoids passwords altogether, and instead requires users to merely unlock their smartphone...

https://krebsonsecurity.com/2022/05/your-phone-may-soon-replace-many-of-your-passwords/

When KrebsOnSecurity last month explored how cybercriminals were using hacked email accounts at police departments worldwide to obtain warrantless Emergency Data Requests (EDRs) from social media...

https://krebsonsecurity.com/2022/04/fighting-fake-edrs-with-credit-ratings-for-police/

KrebsOnSecurity recently reviewed a copy of the private chat messages between members of the LAPSUS$ cybercrime group in the week leading up to the arrest of its most active members last month. T...

https://krebsonsecurity.com/2022/04/leaked-chats-show-lapsus-stole-t-mobile-source-code/

Conti -- one of the most ruthless and successful Russian ransomware groups -- publicly declared during the height of the COVID-19 pandemic that it would refrain from targeting healthcare provider...

https://krebsonsecurity.com/2022/04/contis-ransomware-toll-on-the-healthcare-industry/