all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Microsoft addresses App Installer abuse

Add to bookmarks
Dec. 28, 2023, 8 a.m. |

Microsoft Security Response Center msrc-blog.microsoft.com

Summary In recent months, Microsoft Threat Intelligence has observed threat actors leveraging social engineering and phishing techniques to target Windows OS users and utilizing the ms-appinstaller URI scheme. We have addressed and mitigated this malicious activity by turning off ms-appinstaller by default. Additionally, Microsoft has coordinated with Certificate Authorities to revoke the abused code signing certificates utilized by malware samples we have identified.

abuse addresses app app installer certificate certificate authorities code code signing coordinated default engineering installer intelligence malicious microsoft microsoft threat intelligence ms-appinstaller phishing phishing techniques signing social social engineering target techniques threat threat actors threat intelligence uri windows windows os

Visit resource

More from msrc-blog.microsoft.com / Microsoft Security Response Center

Congratulations to the Top MSRC 2024 Q1 Security Researchers! 2 weeks, 1 day ago | msrc-blog.microsoft.com
check chen customers hard +13
Toward greater transparency: Adopting the CWE standard for Microsoft CVEs 3 weeks, 3 days ago | msrc-blog.microsoft.com
center communities current customers +20
Embracing innovation: Derrick’s transition from banking to Microsoft’s Threat Intelligence team 1 month ago | msrc-blog.microsoft.com
analysts banking collect curiosity +20
Update on Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard 1 month, 3 weeks ago | msrc-blog.microsoft.com
actions actor attack blizzard +24
Faye’s Journey: From Security PM to Diversity Advocate at Microsoft 2 months ago | msrc-blog.microsoft.com
career deployment desktop desktops +9
Microsoft boosts its Microsoft 365 Insider Builds on Windows Bounty Program with higher awards and … 2 months ago | msrc-blog.microsoft.com
award awards bounty bug +16
From Indiana Jones to Cybersecurity: The Inspiring Journey of Devin 2 months ago | msrc-blog.microsoft.com
adventures cybersecurity dream found +7
An Obsession With Impact: The Inspiring Journey of a Dreamer That Led to a Career … 2 months, 1 week ago | msrc-blog.microsoft.com
bruce career college dream +13
New Security Advisory Tab Added to the Microsoft Security Update Guide 2 months, 2 weeks ago | msrc-blog.microsoft.com
advisory customers feedback guide +16

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

DevSecOps Engineer

@ LinQuest | Beavercreek, Ohio, United States
View on infosec-jobs.com

Senior Developer, Vulnerability Collections (Contractor)

@ SecurityScorecard | Remote (Turkey or Latin America)
View on infosec-jobs.com

Cyber Security Intern 03416 NWSOL

@ North Wind Group | RICHLAND, WA
View on infosec-jobs.com

Senior Cybersecurity Process Engineer

@ Peraton | Fort Meade, MD, United States
View on infosec-jobs.com

Sr. Manager, Cybersecurity and Info Security

@ AESC | Smyrna, TN 37167, Smyrna, TN, US | Santa Clara, CA 95054, Santa Clara, CA, US | Florence, SC 29501, Florence, SC, US | Bowling Green, KY 42101, Bowling Green, KY, US
View on infosec-jobs.com
View more jobs