Tag: microsoft
-
Microsoft says it’s not using your Word, Excel data for AI training
by
in SecurityNewsMicrosoft has denied claims that it uses Microsoft 365 apps (including Word, Excel, and PowerPoint) to collect data to train the company’s artificial intelligence (AI) models. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-says-its-not-using-your-word-excel-data-for-ai-training/
-
Barings Law plans to sue Microsoft and Google over AI training data
by
in SecurityNewsMicrosoft and Google are using people’s personal data without proper consent to train artificial intelligence models, alleges Barings Law, as it prepares to launch a legal challenge against the tech giants First seen on Jump to article: /www.computerweekly.com/news/366616407/Barings-Law-plans-to-sue-Microsoft-and-Google-over-AI-training-data
-
Microsoft Finally Releases Recall as Part of Windows Insider Preview
by
in SecurityNewsThe preview version now includes multiple security-focused additions Microsoft had promised to include, such as SecureBoot, BitLocker, and Windows Hello. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/microsoft-releases-recall-windows-insider-preview
-
Microsoft patcht teils kritische Lücken außer der Reihe
by
in SecurityNewsMicrosoft hat Sicherheitslecks in mehreren Produkten geschlossen. Einige Updates müssen Nutzer installieren. First seen on heise.de Jump to article: www.heise.de/news/Microsoft-patcht-teils-kritische-Luecken-ausser-der-Reihe-10178400.html
-
Hackers Exploit Firefox and Windows Flaws: RomCom’s Advanced Attack Unveiled
by
in SecurityNewsA Russia-aligned hacking group, known as RomCom (also identified as Storm-0978, Tropical Scorpius, or UNC2596), has successfully exploited two zero-day vulnerabilities”, one in Mozilla Firefox and another in Microsoft Windows Task Scheduler. These vulnerabilities, identified as CVE-2024-9680 and CVE-2024-49039, were chained together to allow the group to execute arbitrary code and install malicious backdoors on…
-
AWS bends to Broadcom’s will with VMware Cloud Foundation asservice
Microsoft, Oracle, and IBM are all doing it. Andy Jassy’s rent-a-server shop may have felt it was leaving money on the table First seen on theregister.com Jump to article: www.theregister.com/2024/11/26/amazon_elastic_vmware_service_preview/
-
Nicht nur Microsoft kann das: Cloudflare verliert Logging-Daten seiner Kunden
by
in SecurityNews
Tags: microsoftMehrere Stunden an Protokolldaten eines Großteils der Cloudflare-Kundschaft sind verschwunden. Dabei wollte der Konzern nur eine kleine Änderung einführen. First seen on golem.de Jump to article: www.golem.de/news/nicht-nur-microsoft-kann-das-cloudflare-verliert-logging-daten-seiner-kunden-2411-191180.html
-
Hotpatching kommt auch in Windows 11
by
in SecurityNewsWindows 11 kommt auch in den Genuss von Neustart-losen Updates. Microsoft beginnt den Probebetrieb für verwaltetes Windows 11 24H2 Enterprise. First seen on heise.de Jump to article: www.heise.de/news/Microsoft-Hotpatching-kommt-auch-in-Windows-11-10177968.html
-
Microsoft 365: Nutzen Word und Excel Kundendaten für KI-Trainings?
by
in SecurityNewsAuf X wird die Annahme verbreitet, dass Microsoft Dokumenteninhalte für KI-Trainings sammeln soll. Das Unternehmen hat das offiziell verneint. First seen on golem.de Jump to article: www.golem.de/news/microsoft-365-nutzen-word-und-excel-kundendaten-fuer-ki-trainings-2411-191177.html
-
MSSQL for Pentester: Command Execution with xp_cmdshell
by
in SecurityNewsTransact-SQL (T-SQL) is an extension of the SQL language used primarily in Microsoft SQL Server. T-SQL expands the functionality of SQL by adding proc… First seen on hackingarticles.in Jump to article: www.hackingarticles.in/mssql-for-pentester-command-execution-with-xp_cmdshell/
-
RomCom Exploits Zero-Days in Firefox (CVE-2024-9680) Windows (CVE-2024-49039) with No User Interaction
by
in SecurityNews
Tags: attack, browser, cybersecurity, exploit, microsoft, russia, threat, vulnerability, windows, zero-dayIn a recent cybersecurity report, ESET researchers have unveiled a coordinated attack by the Russia-aligned threat actor RomCom, exploiting zero-day vulnerabilities in both Mozilla Firefox and Microsoft Windows. These vulnerabilities”, previously... First seen on securityonline.info Jump to article: securityonline.info/romcom-exploits-zero-days-in-firefox-cve-2024-9680-windows-cve-2024-49039-with-no-user-interaction/
-
Microsoft’s Cloud Defender integrates SCA tool by Endor Labs
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/microsofts-cloud-defender-integrates-sca-tool-by-endor-labs
-
Dell unveils new AI, cybersecurity tools at Microsoft Ignite event
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/dell-unveils-new-ai-cybersecurity-tools-at-microsoft-ignite-event
-
RomCom Hackers Exploits Windows Firefox Zero-Day in Advanced Cyberattacks
by
in SecurityNewsIn a new wave of cyberattacks, the Russia-aligned hacking group >>RomCom>The compromise chain is composed of a […] The post RomCom Hackers Exploits Windows & Firefox Zero-Day in Advanced Cyberattacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform. First seen on gbhackers.com Jump to article: gbhackers.com/romcom-hackers-exploits-windows-firefox-zero-day/
-
Data leaks from websites built on Microsoft Power Pages, including 1.1 million NHS records
by
in SecurityNewsA security researcher has blamed misconfigured implementations of Microsoft Power Pages for a slew of data breaches from web portals – including the leak of 1.1 million NHS employee records. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/data-leaks-microsoft-power-pages-nhs-records
-
Bing Wallpaper app, now in Windows Store, accused of cookie shenanigans
by
in SecurityNewsMicrosoft free tool snooping on users? Surely not! First seen on theregister.com Jump to article: www.theregister.com/2024/11/26/bing_wallpaper_app/
-
Cyberangriff auf Drittanbieter: Starbucks muss Gehälter wohl manuell auszahlen
by
in SecurityNewsNeben Starbucks hat das attackierte Unternehmen noch weitere prominente Kunden – darunter Ford, Nissan, Microsoft, Samsung, Lenovo und Coca Cola. First seen on golem.de Jump to article: www.golem.de/news/cyberangriff-auf-drittanbieter-starbucks-muss-gehaelter-wohl-manuell-auszahlen-2411-191147.html
-
RomCom Exploits Zero-Day Firefox and Windows Flaws in Sophisticated Cyberattacks
by
in SecurityNewsThe Russia-aligned threat actor known as RomCom has been linked to the zero-day exploitation of two security flaws, one in Mozilla Firefox and the other in Microsoft Windows, as part of attacks designed to deliver the eponymous backdoor on victim systems.”In a successful attack, if a victim browses a web page containing the exploit, an…
-
Microsoft-365-Störungen weitgehend behoben
by
in SecurityNews
Tags: microsoftSeit Montag gibt es Störungen der Microsoft-365-Dienste, insbesondere für Outlook und Teams. Die sollen weitgehend behoben sein. First seen on heise.de Jump to article: www.heise.de/news/Microsoft-Cloud-Probleme-stoeren-Outlook-und-Teams-10176043.html
-
9 VPN alternatives for securing remote network access
by
in SecurityNews
Tags: access, ai, api, attack, authentication, automation, best-practice, business, cloud, compliance, computer, computing, control, corporate, credentials, cve, cybercrime, cybersecurity, data, defense, detection, dns, encryption, endpoint, exploit, firewall, fortinet, group, guide, Hardware, iam, identity, infrastructure, Internet, iot, least-privilege, login, malicious, malware, mfa, microsoft, monitoring, network, office, password, ransomware, risk, router, saas, service, software, strategy, switch, threat, tool, update, vpn, vulnerability, vulnerability-management, waf, zero-trustOnce the staple for securing employees working remotely, VPNs were designed to provide secure access to corporate data and systems for a small percentage of a workforce while the majority worked within traditional office confines. The move to mass remote working brought about by COVID-19 in early 2020 changed things dramatically. Since then, large numbers…
-
Cloud-Probleme stören Outlook und Teams
by
in SecurityNewsSeit Montag gibt es Störungen der Microsoft-365-Dienste, insbesondere für Outlook und Teams. Die sollen weitgehend behoben sein. First seen on heise.de Jump to article: www.heise.de/news/Microsoft-Cloud-Probleme-stoeren-Outlook-und-Teams-10176043.html
-
North Korean and Chinese Threat Actors Target Crypto, Aerospace, and Government Agencies
by
in SecurityNews
Tags: china, crypto, cyber, government, intelligence, korea, microsoft, north-korea, tactics, threatAt CYBERWARCON 2024, Microsoft Threat Intelligence unveiled groundbreaking research on two major nation-state cyber actors: North Korea and China. These revelations provide a closer look at their tactics, techniques, and... First seen on securityonline.info Jump to article: securityonline.info/north-korean-and-chinese-threat-actors-target-crypto-aerospace-and-government-agencies/
-
Ab Februar 2025 – MFA wird Pflicht im Microsoft 365 Admin Center
by
in SecurityNewsFirst seen on security-insider.de Jump to article: www.security-insider.de/microsoft-365-multifaktor-authentifizierung-pflicht-a-ad49f6b6c4319e4beffcbba3564f8f26/
-
Mysterious Elephant Using Hajj-Themed Bait in Attacks
Group Deploys Upgraded Malware Disguised as Microsoft File on Pilgrimage Goers. A South Asian threat actor identified as Mysterious Elephant or APT-K-47 by Knownsec 404 researchers is using a Hajj-themed lure to trick victims into malicious payload disguised as a Windows file. The hacker is using upgraded Asyncshell malware disguised as a Microsoft Compiled HTML…
-
New Windows 10 0x80073CFA fix requires installing WinAppSDK 3 times
by
in SecurityNewsMicrosoft has shared a new method to fix a bug preventing app uninstalls or updates on Windows 10 for those unwilling to deploy this month’s preview update. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/new-windows-10-0x80073cfa-fix-requires-installing-winappsdk-3-times/
-
November 2024 Patch Tuesday Fixes Actively Exploited Flaws (CVE-2024-49039)
by
in SecurityNewsIn its November 2024 Patch Tuesday update, Microsoft addressed 90 security vulnerabilities, including two critical zero-day exploits currently being actively exploited in the wild (CVE-2024-49039 and CVE-2024-49039). This also update includes fixes for issues impacting Windows NT LAN Manager (NTLM)… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/november-2024-patch-tuesday-cve-2024-49039/
-
Microsoft blocks Windows 11 24H2 on some PCs with USB scanners
Microsoft now blocks the Windows 11 24H2 update on computers with standalone scanners, multi-function printers, fax machines, modems, and other network devices with eSCL protocol support. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-blocks-windows-11-24h2-on-some-pcs-with-usb-scanners/
-
Microsoft president asks Trump to “push harder” against Russian hacks
by
in SecurityNewsBrad Smith wants US to take a tougher approach to state-sponsored cyberattacks. First seen on arstechnica.com Jump to article: arstechnica.com/security/2024/11/microsoft-president-asks-trump-to-push-harder-against-russian-hacks/