Microsoft Threat Intelligence has detected cyber threats distributing malware through the ms-appinstaller URI scheme (App Installer) since mid-November 2023. These threat actors, including Storm-0569, Storm-1113, Sangria Tempest, and Storm-1674, used the scheme to bypass malware protection measures due to its current implementation issues. In response, Microsoft has disabled the ms-appinstaller protocol handler by default.
When the GDPR is weaponized to shut journalists up, don’t go silently into that dark night
While Zack Whittaker and I work to finish up a report on threats security researchers and journalists receive, there has been more and more news
