#1 Trusted Cybersecurity News Platform Followed by 3.45+ million
The Hacker News Logo
Subscribe to Newsletter
CrowdSec

OneDrive | Breaking Cybersecurity News | The Hacker News

Hackers Using PowerPoint Mouseover Trick to Infect Systems with Malware

Hackers Using PowerPoint Mouseover Trick to Infect Systems with Malware
Sep 28, 2022
The Russian state-sponsored threat actor known as  APT28  has been found leveraging a new code execution method that makes use of mouse movement in decoy Microsoft PowerPoint documents to deploy malware. The technique "is designed to be triggered when the user starts the presentation mode and moves the mouse," cybersecurity firm Cluster25  said  in a technical report. "The code execution runs a PowerShell script that downloads and executes a dropper from OneDrive." The dropper, a seemingly harmless image file, functions as a pathway for a follow-on payload, a variant of a malware known as Graphite, which uses the Microsoft Graph API and OneDrive for command-and-control (C2) communications to retrieve additional payloads. The attack employs a lure document that makes use of a template potentially linked to the Organisation for Economic Co-operation and Development ( OECD ), a Paris-based intergovernmental entity. Cluster25 noted the attacks may be ongoing, con

Microsoft Blocks Iran-linked Lebanese Hackers Targeting Israeli Companies

Microsoft Blocks Iran-linked Lebanese Hackers Targeting Israeli Companies
Jun 03, 2022
Microsoft on Thursday said it took steps to disable malicious activity stemming from abuse of OneDrive by a previously undocumented threat actor it tracks under the chemical element-themed moniker Polonium. In addition to removing the offending accounts created by the Lebanon-based activity group, the tech giant's Threat Intelligence Center (MSTIC) said it suspended over 20 malicious OneDrive applications created by Polonium andd that it notified affected organizations. "The observed activity was coordinated with other actors affiliated with Iran's Ministry of Intelligence and Security (MOIS), based primarily on victim overlap and commonality of tools and techniques," MSTIC  assessed  with "moderate confidence." The adversarial collective is believed to have breached more than 20 organizations based in Israel and one intergovernmental organization with operations in Lebanon since February 2022. Targets of interest included entities in the manufacturing

external linkSay Goodbye to SaaS Blind Spots: Wing Security Unveils Free Discovery Tool

SaaS
websitewww.wing.securitySaaS Security / Attack Surface
Wing Security finds and ranks all SaaS applications completely for free, removing unnecessary risk.

Microsoft Adds 2FA-Protected "Personal Vault" Within OneDrive Cloud Storage

Microsoft Adds 2FA-Protected "Personal Vault" Within OneDrive Cloud Storage
Jun 26, 2019
Microsoft has introduced a new password-protected folder within its OneDrive online file storage service that will allow you to keep your sensitive and important files protected and secured with an extra layer of authentication. Dubbed Personal Vault , the new OneDrive folder can only be accessed with an additional step of identity verification, such as your fingerprint, face, PIN, or a two-factor authentication code sent to you via email or SMS. The Personal Vault folder will appear next to other folders in the OneDrive app like your Documents and Pictures, but it will be locked and prompt you for an additional code each time you try to access them via the web, PC, or mobile devices, thus keeping them more secure in the event when someone gains access to your account or your device. Microsoft suggests this new protected area in OneDrive would be useful for users to store more sensitive and personal files like copies of passport, tax, car or home documents, identification cards,

Microsoft will Inform You If Government is Spying on You

Microsoft will Inform You If Government is Spying on You
Dec 31, 2016
Following in the footsteps of Twitter, Facebook and Google, Microsoft promises to notify users of its e-mail ( Outlook ) and cloud storage ( OneDrive ) services if government hackers may have targeted their accounts. The company already notifies users if an unauthorized person tries to access their Outlook or OneDrive accounts. But from now on, the company will also inform if it suspects government-sponsored hackers. Ex-Employee: Microsoft Didn't Notify When China Spied Tibetans Leaders The move could be taken in the wake of the claims made by Microsoft's former employees that several years ago Chinese government hacked into more than a thousand Hotmail email accounts of international leaders of Tibetan and Uighur minorities , but the company decided not to tell the victims, allowing the hackers to continue their campaign. Instead of alerting those leaders of the hacking attempts, Microsoft simply recommended them to change their passwords without disclosi

Microsoft OneDrive Secretly Modifies your BackUp Files

Microsoft OneDrive Secretly Modifies your BackUp Files
Apr 24, 2014
Until now, our privacy has been violated by many big Internet Services, including Google who uses our personal information for the advertising purposes and this is exactly how the companies handle the mass of personal data we provide them. But, recent report about another big giant Microsoft shows that it omits almost all other privacy aspects, as it targets ' Integrity ' of our data. To hold on our large data, having backups is always a good idea and many of us prefer cloud-based backup solutions such as Google Drive, Dropbox, Box, RapidShare, Amazon Cloud Drive to store and secure our personal data. But, unfortunately with Microsoft OneDrive storage service, it doesn't work. Microsoft fails to deliver integrity to its users as Microsoft's OneDrive for Business cloud-based storage service has been modifying users' files when they are uploading to Cloud storage, according to an Ireland based Storage technology researcher Seán Byrne, who posted about it in a Myce
Cybersecurity Resources