Menghan Xiao

The surge comes after malicious actors impersonated well-known brands, such as Adobe Reader and Microsoft Teams, to deliver numerous malware strains, including AuroraStealer, IcedID, Meta Stealer, RedLine Stealer and Vidar.

At least 1,200 Redis database servers worldwide have been compromised by a sophisticated piece of malware since September 2021, while more than 2,800 uninfected servers remain at high risk of exploitation.

The campaign involves a number of OAuth apps impersonating credible brands to gain verified status from Microsoft. According to researchers, a user who clicked on a consent prompt would hand malicious actors the ability to read their emails, adjust mailbox settings and gain access to other parts of their Microsoft account.

Despite multiple high-impact vulnerabilities and repeated warnings from Microsoft, government agencies and news media, there are likely hundreds of thousands of internet-connected servers (at least) running older, exposed versions of Exchange today.

Microsoft’s security sales reached a historical high in 2022, delivering more than $20 billion in annual revenue. This comes amid industry debate about the company’s position as both targeted tech giant and security vendor.  

The team identified the bug, tracked under CVE-2007-4559, in Python’s tarfile module late last year. It was first reported to the Python project in 2007 but left unchecked. Since then, it’s presence has greatly expanded as it has been used in approximately 350,000 open-source projects and countless other closed-source or proprietary software projects.

The appointment of Barry Mainz follows a tumultuous few years for the company, influenced in part by Forescout’s acquisition by private equity firm Advent International Corp. roughly two years after its IPO.

FCC Commissioner Jessica Rosenworcel said that the agency's previous “one-and-done” approach to licensing telecom services poses a security risk and should be re-evaluated for foreign carriers like Chinese-owned Huawei who may pose national security concerns.

According to a Chainalysis report released Thursday, total funds sent to known ransomware addresses globally fell from $765.5 million in 2021 to $456.8 million in 2022, with evidence suggesting that this huge drop is due to an increasing unwillingness on the part of victims to pay ransom demands rather than a decline in the actual number of attacks.  

The vulnerable services include Azure API Management, Azure Functions, Azure Machine Learning, and Azure Digitals, according to a blog post Tuesday by Orca Security. Among them, two vulnerabilities involving Azure Functions and Azure Digital Twins did not require authentication, meaning that an attacker could exploit them even without an Azure account.