Tag: microsoft
-
Fake Microsoft Office add-in tools push malware via SourceForge
Threat actors are abusing SourceForge to distribute fake Microsoft add-ins that install malware on victims’ computers to both mine and steal cryptocurrency. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fake-microsoft-office-add-in-tools-push-malware-via-sourceforge/
-
The SQL Server Crypto Detour
by
in SecurityNews
Tags: access, api, backup, credentials, crypto, cryptography, data, encryption, jobs, microsoft, password, service, sql, tool, update, vulnerability, windows
As part of my role as Service Architect here at SpecterOps, one of the things I’m tasked with is exploring all kinds of technologies to help those on assessments with advancing their engagement. Not long after starting this new role, I was approached with an interesting problem. A SQL Server database backup for a ManageEngine’s…
-
Microsoft fixes auth issues on Windows Server, Windows 11 24H2
by
in SecurityNews
Microsoft has fixed a known issue causing authentication problems when Credential Guard is enabled on systems using the Kerberos PKINIT pre-auth security protocol. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-fixes-auth-issues-on-windows-server-windows-11-24h2/
-
Microsoft Patch Tuesday for April 2025, Snort rules and prominent vulnerabilities
by
in SecurityNews
Microsoft has released its monthly security update for April of 2025 which includes 126 vulnerabilities affecting a range of products, including 11 that Microsoft has marked as “critical”. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/microsoft-patch-tuesday-april-2025/
-
Microsoft Patches 125 Windows Vulns, Including Exploited CLFS Zero-Day
by
in SecurityNews
Patch Tuesday: Microsoft ships urgent cover for another Windows CLFS vulnerability already exploited in the wild. The post Microsoft Patches 125 Windows Vulns, Including Exploited CLFS Zero-Day appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/microsoft-patches-125-windows-vulns-including-exploited-clfs-zero-day/
-
Microsoft fixes actively exploited Windows CLFS zero-day (CVE-2025-29824)
by
in SecurityNews
April 2025 Patch Tuesday is here, and Microsoft has delivered fixes for 120+ vulnerabilities, including a zero-day (CVE-2025-29824) that’s under active attack. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/08/patch-tuesday-microsoft-zero-day-cve-2025-29824/
-
Windows CLFS zero-day exploited by ransomware gang
by
in SecurityNews
Microsoft says the RansomEXX ransomware gang has been exploiting a high-severity zero-day flaw in the Windows Common Log File System to gain SYSTEM privileges on victims’ systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/microsoft-windows-clfs-zero-day-exploited-by-ransomware-gang/
-
Microsoft April 2025 Patch Tuesday: Fixing 121 Vulnerabilities, Including a Critical Zero-Day
by
in SecurityNews
Tags: cyber, exploit, flaw, microsoft, remote-code-execution, software, update, vulnerability, zero-day
Microsoft has rolled out its April 2025 Patch Tuesday update, addressing 121 security vulnerabilities across its software ecosystem. This comprehensive update includes fixes for critical issues such as the elevation of privilege, remote code execution, and information disclosure vulnerabilities. Among the patched flaws is a zero-day vulnerability actively exploited in the wild, underscoring the urgency…
-
Microsoft April 2025 Patch Tuesday fixes exploited zero-day, 134 flaws
Today is Microsoft’s April 2025 Patch Tuesday, which includes security updates for 134 flaws, including one actively exploited zero-day vulnerability. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-april-2025-patch-tuesday-fixes-exploited-zero-day-134-flaws/
-
Windows 10 KB5055518 update fixes random text when printing
by
in SecurityNews
Microsoft has released the KB5055518 cumulative update for Windows 10 22H2 and Windows 10 21H2, with nine changes or fixes. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/windows-10-kb5055518-update-fixes-random-text-when-printing/
-
Windows 11 KB5055523 & KB5055528 cumulative updates released
by
in SecurityNews
Microsoft has released Windows 11 KB5055523 and KB5055528 cumulative updates for versions 24H2 and 23H2 to fix security vulnerabilities and issues. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/windows-11-kb5055523-and-kb5055528-cumulative-updates-released/
-
Vidar Stealer Uses New Deception Technique to Hijack Browser Cookies and Stored Credentials
by
in SecurityNews
Vidar Stealer, a notorious information-stealing malware, has adopted a deceptive method to disguise itself as Microsoft’s BGInfo application. By exploiting a legitimate tool widely used by IT professionals to display system details, attackers have demonstrated advanced techniques to evade detection and execute malicious code designed to compromise sensitive data. BGInfo, part of Microsoft’s Sysinternals Suite,…
-
In The News – ManagedMethods Launches Classroom Manager to Protect Students from Online Harm, Put Control Back in the Hands of Educators
by
in SecurityNews
This article was originally published in Newswire on 04/03/25. Introduction of Classroom Manager comes during a pivotal moment for educators balancing effective classroom learning with decreasing student engagement. ManagedMethods, the leading provider of Google Workspace and Microsoft 365 cybersecurity, student safety, and compliance for K-12 school districts, today announces the launch of Classroom Manager, a…
-
Cryptocurrency Miner and Clipper Malware Spread via SourceForge Cracked Software Listings
Threat actors have been observed distributing malicious payloads such as cryptocurrency miner and clipper malware via SourceForge, a popular software hosting service, under the guise of cracked versions of legitimate applications like Microsoft Office. “One such project, officepackage, on the main website sourceforge.net, appears harmless enough, containing Microsoft Office add-ins copied from a First seen on…
-
What Microsoft Knows About AI Security That Most CISOs Don’t?
by
in SecurityNews
Traditional security fails with AI systems. Discover Microsoft’s RAI Maturity Model and practical steps to advance from Level 1 to Level 5 in AI security governance. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/04/what-microsoft-knows-about-ai-security-that-most-cisos-dont/
-
Criminal on the side: security researcher’s double life exposed
by
in SecurityNews
Tags: microsoft
Reporting security vulnerabilities to corporations such as Microsoft was evidently not enough for him. On the side, the security researcher is said to be part of a well-known cyber gang. First seen on golem.de Jump to article: www.golem.de/news/nebenbei-kriminell-doppelleben-eines-sicherheitsforschers-enttarnt-2504-195137.html
-
Microsoft 365 Backup: built-in tools for backing up data in the cloud – Backup for Microsoft 365: using the integrated solution
by
in SecurityNews
First seen on security-insider.de Jump to article: www.security-insider.de/backup-fuer-microsoft-365-integrierte-loesung-nutzen-a-d42d82af4de88fedb6d0df668ab9c494/
-
Emails from microsoft-noreply@microsoft.com – attackers trick victims with genuine system notifications from Microsoft
by
in SecurityNews
First seen on security-insider.de Jump to article: www.security-insider.de/cyberkriminelle-microsoft-benachrichtigungen-phishing-a-e2398100901a98bd505268ab97da888a/
-
Legal clock ticking for Microsoft over alleged software license abuses
by
in SecurityNews
With weeks to meet terms of settlement agreement, engineers in Redmond still don’t have a product to show CISPE. First seen on theregister.com Jump to article: www.theregister.com/2025/04/07/legal_clock_ticking_for_microsoft/
-
EncryptHub’s dual life: Cybercriminal vs Windows bug-bounty researcher
by
in SecurityNews
EncryptHub, a notorious threat actor linked to breaches at 618 organizations, is believed to have reported two Windows zero-day vulnerabilities to Microsoft, revealing a conflicted figure straddling the line between cybercrime and security research. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/encrypthubs-dual-life-cybercriminal-vs-windows-bug-bounty-researcher/
-
Microsoft delays WSUS driver sync deprecation indefinitely
by
in SecurityNews
Microsoft announced today that, based on customer feedback, it will indefinitely delay removing driver synchronization in Windows Server Update Services (WSUS). First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-delays-wsus-driver-sync-deprecation-indefinitely/
-
An Operator’s Guide to Device-Joined Hosts and the PRT Cookie
by
in SecurityNews
Introduction
About five years ago, Lee Chagolla-Christensen shared a blog detailing the research and development process behind his RequestAADRefreshToken proof-of-concept (POC). In short, on Entra ID joined (including hybrid joined) hosts, it’s possible to obtain a primary refresh token (PRT) cookie from the logged in user’s logon session, enabling an attacker to satisfy single-sign-on (SSO)…
-
Microsoft Security Copilot Gets New Tooling
by
in SecurityNews
Can Microsoft realize the true potential of its AI Security push? First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/04/microsoft-security-copilot-gets-new-tooling/
-
Malicious VSCode extensions infect Windows with cryptominers
by
in SecurityNews
Nine VSCode extensions on Microsoft’s Visual Studio Code Marketplace pose as legitimate development tools while infecting users with the XMRig cryptominer to mine Ethereum and Monero. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/malicious-vscode-extensions-infect-windows-with-cryptominers/
-
Windows 11 24H2 blocked on PCs with code-obfuscation driver BSODs
by
in SecurityNews
Microsoft has introduced a new Windows 11 24H2 safeguard hold for systems running security or enterprise software using SenseShield Technology’s sprotect.sys driver. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/windows-11-24h2-blocked-on-pcs-with-code-obfuscation-driver-bsods/
-
Malicious Microsoft VS Code Extensions Used in Cryptojacking Campaign
by
in SecurityNews
Security researchers from ExtensionTotal have found nine malicious extensions in Visual Studio Code, Microsoft’s lightweight source-code editor. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/microsoft-vs-code-cryptojacking/
-
The controversial case of the threat actor EncryptHub
by
in SecurityNews
Microsoft credited controversial actor EncryptHub, a lone actor with ties to cybercrime, for reporting two Windows flaws. Microsoft credited the likely lone actor behind the EncryptHub alias (also known as SkorikARI) for reporting two Windows security flaws, highlighting a “conflicted
-
Golem Karrierewelt: Free live webinar: Microsoft Copilot administration
by
in SecurityNews
Tags: microsoft
What matters when it comes to the secure administration of Microsoft Copilot? The live webinar with Microsoft 365 expert Aaron Siller provides answers! First seen on golem.de Jump to article: www.golem.de/news/golem-karrierewelt-kostenloses-live-webinar-microsoft-copilot-administration-2504-194994.html
-
How Trump’s tariffs are shaking up the cybersecurity sector
by
in SecurityNews
Tags: antivirus, ceo, china, cisa, country, cyber, cyberattack, cybersecurity, defense, finance, government, Hardware, infrastructure, microsoft, network, service, supply-chain, technology, threat, vulnerability
Customer cutbacks and increased costs are major concerns: In addition to the macroeconomic fears and worries over retaliatory measures, US cybersecurity companies are vulnerable to losing revenue under the new tariffs as customers reduce their cybersecurity budgets to cope with their own tariff-induced financial pressures. “What’s happening is that people are looking at cybersecurity through the…
-
AD Certificate Exploitation: ESC1
by
in SecurityNews
The AD CS (Active Directory Certificate Services) certificate template is a predefined configuration in Microsoft AD CS that defines the type of certificate a user, First seen on hackingarticles.in Jump to article: www.hackingarticles.in/ad-certificate-exploitation-esc1/