Russia-Backed Hackers Infiltrate Microsoft’s Corporate Email System
Microsoft announced on a blog post that the email intrusion attack began in November 2023 and was discovered on January 12th, 2024. Microsoft deduced that the attack originated from a Russian nation-state hacking group.
The Microsoft blog post stated the attack gained access to a small percentage of Microsoft corporate email accounts, consisting of Microsoft leadership, security, and IT team members. The incident is still under investigation and reported to the SEC, Microsoft vowed to take any further necessary action while being as transparent as possible.
Chinese Group Exploited VMWare Zero-Day Vulnerability for 2 Years
Mandiant released a report uncovering the Chinese group behind the VMWare zero-day vulnerability exploit attacks initiated since 2021.
Now labeled as “UNC3886”, the Chinese cyber espionage group focused on exploiting zero-day vulnerabilities to attack while avoiding detection, allowing the group to gain privileged access to the VMWare system, placing host credentials at risk.
Brave Browser Ends ‘Strict’ Fingerprinting Requirement
Brave removed the biometric safety web-browsing ‘fingerprinting protection mode’ in the browser’s ‘strict’ mode as reports of sites not working correctly as a result of the feature remained consistent.
Adding to the trouble caused by the safety features’ degraded browsing experience, only 0.5% of Brave users utilize the browser’s ‘strict’ mode. However, Brave intends to reintroduce the feature when its compatibility issues are patched.
