microsoft


Remcos is another RAT (Remote Administration Tool) that was first discovered being sold in hacking forums in the second half of 2016. Since then, it has been updated with more features, and just recently, we’ve seen its payload being distributed in the wild for the first time. This article demonstrates how this commercialized RAT is being used in an attack, and what its latest version (v1.7.3) is capable of doing. Remcos is currently being sold from $58 to $389, depending on the license period and the maximum number of masters or clients...
by Floser Bacurio and Joie Salvio | Feb 14, 2017 | Filed in: Security Research
Microsoft Ignite – Australia – Gold Coast Convention and Exhibition, February 14-17th, https://msftignite.com.au/
Is cloud the new normal for your enterprise? Are you moving more and more applications into the cloud? Have you asked yourself how you are securing your data in this new world of cloud? Scalability and flexibility are the key drivers of Cloud networking and computing. With more and more business transitioning to public cloud environments, the cloud is becoming an increasingly attractive target for hackers...
by Katrina Fox | Feb 07, 2017 | Filed in: Industry Trends & News
Last month I discovered and reported an integer overflow vulnerability in the Windows Registry. Last Tuesday, October 25th, Microsoft released Security Bulletin MS16-124, which contains the patch for this vulnerability, and identifies it as CVE-2016-0070. This vulnerability could lead to local privilege elevation, and is rated as “Important” by Microsoft. The vulnerability affects multiple Windows versions, and Microsoft has recommended installing this update immediately. In this blog I will share the details of this vulnerability. How...
by Honggang Ren | Oct 31, 2016 | Filed in: Security Research
Fortinet and Microsoft today announced an extension of their partnership to protect the cloud environments of their joint government customers. The US Federal Government sets the world’s highest security standards for data protection. Other public institutions, like state and local governments, police, and fire departments, follow these standards as well to protect the citizenry they serve.
Partnering to Deliver Cloud Security for Government Organizations
Fortinet and Microsoft are committed to delivering world-class security to...
by John Welton | Oct 27, 2016 | Filed in: Industry Trends & News
Recently we received a SPAM with an attachment, which is a password-protected Word document. Its MD5 is 6619356e9e0c9d2445bf777a8bea5d6a, which is detected as “WM/Agent.60F9!tr” by the Fortinet AntiVirus service. When the document is opened, the attached malicious VB script code is executed and additional malware is created and executed. Based on our analysis, this is information-stealing malware. In this blog, we’ll show you how the malware works, what information is stolen from a victim’s system, and how the stolen data...
by Xiaopeng Zhang | Oct 24, 2016 | Filed in: Security Research
Over the last 18-24 months the embrace of public cloud for critical workloads has transitioned from the “investigative” stage to “plan of record” for the majority of organizations. Still, mysteries and major questions remain – especially when it comes to securing your cloud workloads. Microsoft understands the needs of their customers to secure their cloud workload and has developed a great toolset to make securing Microsoft Azure simple and straightforward – Azure Security Center (ASC). ASC...
by Warren Wu | Aug 05, 2016 | Filed in: Industry Trends & News
Securing Microsoft Azure: A new Fortinet-Microsoft Cloud Security Workshop Series
On June 8th, Microsoft will be hosting Fortinet’s Azure Cloud team to discuss how to secure your cloud workloads. The events, being held in Mississauga, Ontario & downtown Toronto, will be packed with leaders from Microsoft’s Enterprise Software & Cloud and Fortinet’s Cloud Security teams, delivering a customer-focused workshop on cloud security. For many organizations the value – speed, agility, productivity, and cost reduction, etc. – of moving to the...
by Bill McGee | Jun 01, 2016 | Filed in: Industry Trends & News
What do you get when you combine the world’s most widely deployed NGFW with the largest scalable infrastructure and then add-in unmatched granular visibility, control, threat prevention and a whole lot of other DevOps capabilities? You get a scalable, secure, and easy to use cloud infrastructure that customers can migrate to or build their workloads on with confidence. Microsoft Azure announced their Azure Security Center (ASC) program in September 2015 (after having been used in a preview form by thousands of customers) with...
by Richard Henderson | Feb 25, 2016 | Filed in: Industry Trends & News
Researchers with FortiGuard Labs recently discovered a persistent cross-site scripting vulnerability in Microsoft SharePoint 2013. SharePoint is a web application platform in the Microsoft Office server suite that combines intranet, extranet, content management, document management, personal cloud, enterprise social networking, enterprise search, business intelligence, workflow management, web content management, and an enterprise application store. It is frequently deployed for internal use in mid-size businesses and large departments...
by Aamir Lakhani | Sep 14, 2015 | Filed in: Industry Trends & News
Introduction
Last month, iSightPartners revealed a Microsoft Office zero-day leveraged in a targeted attack by a Russian cyber espionage team. This vulnerability has been patched in Microsoft bulletin MS15-070. CVE-2015-2424 was assigned to this vulnerability. In this blog post, we will discuss the nature of the vulnerability to give some insights to other researchers for understanding and detecting this specific Word vulnerability.
Multi-directory entries chaining
We first extracted the embedded objects inside the exploit document...
by Wayne Chin Yick Low | Sep 01, 2015 | Filed in: Security Research