Forg365 and the Industrialization of Account Takeover Tactics
A Telegram-based phishing service is lowering barriers to entry for M365 attacks by automating complex bypass and exfiltration workflows.
22 results for “microsoft”
A Telegram-based phishing service is lowering barriers to entry for M365 attacks by automating complex bypass and exfiltration workflows.
Microsoft details how threat actors bypassed traditional defenses to compromise Salesforce environments via OAuth and guest access.
Microsoft has addressed the RoguePlanet vulnerability, ending a contentious saga with security researcher Nightmare Eclipse.
Microsoft identifies a sophisticated new backdoor, GigaWiper, which stitches together existing malware to facilitate targeted data destruction.
A critical firmware certificate rollout has been paused for specific Windows 11 devices following reports of update failures.
Microsoft identifies a sophisticated new malware strain that fuses espionage and permanent data destruction into a single, unified tool.
Threat actors are weaponizing reservation-themed emails with container files to bypass modern Microsoft Office security protections.
A recently disclosed proof-of-concept exploit targeting Windows Defender brings renewed focus to the fragility of enterprise security software.
Microsoft anticipates a surge in security updates as AI-accelerated vulnerability discovery becomes the new industry standard.
Microsoft's latest record-breaking security cycle highlights the mounting pressures of AI-driven vulnerability discovery and exploitation.
Microsoft is introducing the PC Insights skill to its Copilot app, allowing users to query system data without digging through menus.
Microsoft introduces 'PC insights' to help users query hardware stats via Copilot, sparking new debates over privacy and resource usage.
A stealthy new attack technique is bypassing traditional security logs, allowing threat actors to compromise cloud-based infrastructure.
A new subscription-based phishing service leverages device code theft and AI to bypass traditional security defenses.
A single exposed directory reveals how multiple threat actors leverage AiTM tools and OAuth abuse to compromise corporate accounts.
Microsoft identifies a sophisticated new Windows backdoor that merges multiple ransomware and data-wiping tools into one modular threat.
A simple configuration blunder by an attacker unraveled three sophisticated, bypass-capable phishing campaigns targeting Microsoft 365.
Security weaknesses in Microsoft BitLocker wrappers could expose corporate networks and cash machines to deep physical compromise.
GodDamn ransomware now exploits PoisonX, a Microsoft-signed kernel driver, to disable endpoint security, marking a critical escalation in evasion tactics.
Microsoft is phasing out its two-decade-old Outlook Web Access Light client, urging users and administrators to transition to the full Outlook on the web experience by August 2026.
Forg365, a sophisticated phishing-as-a-service platform, now combines AI-assisted lure generation with advanced AiTM and device code methods to compromise Microsoft 365 accounts and maintain persistent access.
Microsoft's increasing reliance on advanced artificial intelligence to proactively uncover vulnerabilities within its Windows codebase is set to significantly raise the volume of monthly security updates for users.