cognitive cybersecurity intelligence

News and Analysis


Microsoft Disabled App Installer Abused by Hackers

Threat actors are disseminating malware through the ms-appinstaller URI scheme, which Microsoft has now disabled by default. This method was chosen because it can evade security precautions like Microsoft Defender SmartScreen. Microsoft’s Threat Intelligence team has identified it as an entry point for ransomware, used by threat actors like Storm-0569, Storm-1113, Sangria Tempest, and Storm-1674. The actors spoof legitimate apps, trick users into installing malicious packages, and avoid early detection. Microsoft is advising users to implement phishing-resistant authentication to safeguard against these attacks.

Source: –

Subscribe to newsletter

Subscribe to HEAL Security Dispatch for the latest healthcare cybersecurity news and analysis.

More Posts

Connecting Tech to Black America

Tech evangelist David Lee spotlights the underrepresentation of Black Americans in tech, an issue he contends requires collective action to rectify. He suggests fostering connections

Zero-Day Attack Hits Cybersecurity Leader

The MITRE Corporation, a contributor to public interest cybersecurity, disclosed a data breach originating from a state-backed hack. Detected after suspicous activity was noticed on

Defining and Understanding Trust Assurance

Trust is essential for businesses and building it requires embracing the pillars of trust assurance: predictive, integrated, and transparent systems. Through trust assurance, businesses can