SafeUM
Home Blog Services Download Help About Recharge

Axarhöfði 14, 110 Reykjavik, Iceland

Iceland - 2015
SafeUM
Blog
Services
Download
Help
About
Recharge
Menu
Archive
#Microsoft
20 Feb 2018

Google exposes security flaw in Microsoft Edge

Google's Project Zero initiative tasks its security researchers with finding flaws in various software products developed by the company itself as well as other firms. Back in 2016, it revealed a serious vulnerability present in Windows 10, and reported a "crazy bad vulnerability" in Windows in 2017.

Now, the firm has disclosed another security flaw in Microsoft Edge, after the Redmond giant failed to fix it in the allotted time. Back in February 2017, Microsoft stated that it would be using Arbitrary Code Guard (ACG) in Microsoft Edge with the Windows 10 Creators Update to mitigate arbitrary native code execution. 

Read more
Tags:
Microsoft information leaks Google
Source:
Neowin
1968
16 Feb 2018

Word-based malware attack doesn’t use macros

Typically, inbox-based attacks that include malicious Microsoft Office attachments require adversaries to trick users into enabling macros. But researchers say they have identified a new malicious email campaign that uses booby-trapped Office attachments that are macro-free.

The attacks do not generate the same type of default warning from Microsoft associated with macro-based attacks, according to research published Wednesday by Trustwave’s SpiderLabs. When opening attachments, there are no warnings or pop-ups alerting victims, researchers said. The attack uses malicious Word attachments. 

Read more
Tags:
hackers information leaks Microsoft
Source:
Threatpost
1729
20 Oct 2017

BoundHook: Microsoft downplays Windows systems exploit technique

A post-intrusion technique developed by researchers at CyberArk Labs called BoundHooking allows attackers to exploit a feature in all Intel chips introduced since Skylake. The attack technique allows for the execution of code from any process without detection by antivirus software or other security measures, researchers said.

According to CyberArk, a BoundHooking attack exploits the Intel feature called Memory Protection Extension (MPX) to hook function calls that pass between software components. That allows for an adversary to manipulate and spy on a wide range of Windows applications. 

Read more
Tags:
Microsoft information leaks
Source:
Threatpost
1712
17 Oct 2017

Microsoft responded quietly after detecting secret database hack in 2013

Microsoft Corp’s secret internal database for tracking bugs in its own software was broken into by a highly sophisticated hacking group more than four years ago, according to five former employees, in only the second known breach of such a corporate database.

The company did not disclose the extent of the attack to the public or its customers after its discovery in 2013, but the five former employees described it in separate interviews. Microsoft declined to discuss the incident. The database contained descriptions of critical and unfixed vulnerabilities in some of the most widely used software in the world, including the Windows operating system. 

Read more
Tags:
Microsoft утечка информации хакеры
Source:
Reuters
1601
11 Sep 2017

Flaw in Windows kernel hinders identification of potentially dangerous files

A researcher is warning that a programming error in the Microsoft Windows kernel might inhibit security software vendors and kernel developers from properly identifying modules loaded during runtime, including potentially malicious files. However, Microsoft does not view the issue as a security threat.

According to Omri Misgav, security researcher at enSilo, the bug affects all Windows operating systems from Windows 2000 to Windows 10. Specifically, the flaw pertains to a security mechanism called PsSetLoadImageNotifyRoutine, which provides notifications when PE image files are loaded in runtime to virtual memory space. 

Read more
Tags:
Windows Microsoft information leaks
Source:
SC Magazine
1675
7 Jul 2017

Hackers launch fresh cyber assault on MPs' passwords

Hackers are calling MPs and trying to trick them into revealing their personal parliamentary details. Politicians and aides have been warned that hackers are posing as parliamentary officials asking for their passwords.

The warning comes after Parliament suffered its biggest ever cyber attack as hackers launched a "sustained and determined" attempt to break into emails. Parliament was forced to lock MPs out of their accounts. Parliamentary officials have said that hackers are still attempting to gain access. The message sent to MPs and staff warned: "This afternoon we've heard reports of parliamentary users being telephoned and asked for their parliamentary username and password.

Read more
Tags:
hackers Microsoft fraud
Source:
The INQUIRER
1713
3 Jul 2017

Azure AD Connect vulnerability allows attackers to reset admin passwords

A vulnerability in Azure AD Connect could be exploited by attackers to reset passwords and gain unauthorized access to on-premises AD privileged user accounts, Microsoft warned on Tuesday.

What are Azure AD and Azure AD Connect? Microsoft Azure AD (Active Directory) is often used by enterprises to provide employees and business partners single sign-on access to cloud SaaS Applications (e.g. Office365, DropBox, etc.). It can also be integrated with an organization’s existing Windows Server Active Directory, so that they can use existing on-premises identity solutions to manage access to cloud based SaaS applications.

Read more
Tags:
information leaks Microsoft
Source:
Help Net Security
1555
27 Jun 2017

Windows 10 S doesn't appear to be as invulnerable to ransomware as Microsoft claims

The major premise justifying Windows 10 S, the new variant of Windows 10 that can only install and run applications from the Windows Store, is that by enforcing such a restriction, Windows 10 S can offer greater robustness and consistency than regular Windows.

For example, apps from the Windows Store can't include unwanted malicious software within their installers, eliminating the bundled spyware that has been a regular part of the Windows software ecosystem. If Windows 10 S can indeed provide much stronger protection against bad actors then its restrictions represent a reasonable trade-off.

Read more
Tags:
Microsoft information leaks Windows
Source:
Ars Technica
1820
26 Jun 2017

Microsoft confirms some Windows 10 source code has leaked

A portion of Microsoft’s Windows 10 source code has leaked online. Files related to Microsoft’s USB, storage, and Wi-Fi drivers in Windows 10 were posted to Beta Archive.

Beta Archive is a site that tracks Windows releases, and asks members to donate money or contribute something Windows-related if they access a free private FTP full of archived Windows builds. The leaked code was published to Beta Archive’s FTP, and is part of Microsoft's Shared Source Kit. “Our review confirms that these files are actually a portion of the source code from the Shared Source Initiative and is used by OEMs and partners,” reveals a Microsoft spokesperson.

Read more
Tags:
Windows information leaks Microsoft
Source:
The Verge
1869
20 Jun 2017

Skype down: Connectivity borkage leaves users unable to access service

Microsoft-owned Skype is suffering widespread borkage that has left many unable to access the service. Problems first began on Monday, with Skype admitting that its users had been plagued by connectivity problems. "We are aware of an incident where users will either lose connectivity to the application and may be unable to send or receive messages," it said.

"Some users will be unable to see a black bar that indicates them that a group call is ongoing, and longer delays in adding users to their buddy list." Despite claiming at around 1.45am UK time that the connectivity issues had been resolved, problems are continuing into Tuesday.

Read more
Tags:
Skype Microsoft
Source:
TheINQUIRER
1592
SafeUM NEWS
27 Apr 2017 safeum news imgage Encrypted Group Chat
4 Apr 2017 safeum news imgage Each SafeUM user gets free anonymous phone number
10 Mar 2017 safeum news imgage SafeUM useful features to help you feel safe
28 Sep 2016 safeum news imgage Secure Messenger SafeUM
21 Jul 2015 safeum news imgage New secured zone of Google Play: secure messenger SafeUM for Android. Download, Install, Communicate
3 Apr 2015 safeum news imgage We are beginning to test SafeUM for Windows Phone
25 Feb 2015 safeum news imgage SafeUM messenger is available for public testing
20 Feb 2015 safeum news imgage Algorithms and encryption schemes used for secure messenger SafeUM
30 Jan 2015 safeum news imgage New "TOP Security!" app is on the App Store
22 Jan 2015 safeum news imgage Free "TOP Security!" app is available on Google Play
28 Oct 2014 safeum news imgage How are security keys generated in SafeUM?
19 Jun 2014 safeum news imgage SafeUM is the best messenger for data protection and information security
16 Jun 2014 safeum news imgage Become a SafeUM tester and get free PREMIUM subscription for a year
12 May 2014 safeum news imgage Why Premium secure messenger SafeUM cannot be free
25 Apr 2014 safeum news imgage Encrypted secure messaging for every mobile device
All news
First page Previous
1 2 3 4 . . 9
Next Last page
SafeUM
Confidential Terms of Use Our technologies Company
Follow us
Download
SafeUM © Safe Universal Messenger

Axarhöfði 14,
110 Reykjavik, Iceland

Iceland - 2015