Tag: microsoft
-
North Korean APT Kimsuky Uses forceCopy Malware to Steal Browser-Stored Credentials
in SecurityNews
Tags: apt, attack, credentials, email, group, hacking, intelligence, korea, malware, microsoft, north-korea, office, phishing, spear-phishing, windows
The North Korea-linked nation-state hacking group known as Kimsuky has been observed conducting spear-phishing attacks to deliver an information stealer malware named forceCopy, according to new findings from the AhnLab Security Intelligence Center (ASEC). The attacks commence with phishing emails containing a Windows shortcut (LNK) file that’s disguised as a Microsoft Office or PDF document.
First…
-
KB5050094: Microsoft Annoys Users with New Bugs in Windows 11
in SecurityNews
Numerous users are complaining about new problems with the Windows 11 update KB5050094. For many, the mouse pointer misbehaves; for others, the update fails.
First seen on golem.de Jump to article: www.golem.de/news/kb5050094-microsoft-nervt-nutzer-mit-neuen-bugs-in-windows-11-2502-193080.html
-
Ubuntu Officially Available on the Updated Windows Subsystem for Linux
in SecurityNews
Ubuntu has announced its availability on Microsoft’s new tar-based Windows Subsystem for Linux (WSL) distribution architecture. This enhancement simplifies deployment and improves scalability, making Ubuntu on WSL more accessible and optimized for enterprise environments. Ubuntu has long been a popular choice among developers using WSL, thanks to its robust ecosystem and compatibility with development tools.…
-
In The News – TCEA 2025: 10 Ways K12 Schools Can Secure Their Microsoft and Google Environments
This article was originally published in EdTech Magazine on 02/03/25 by Taashi Rowe. These simple steps can help schools comply with federal laws while protecting networks and student data. Hackers don’t have to use very sophisticated, high-tech exploits to get into a school’s security system. Sometimes, schools unintentionally make it easy for bad actors to…
-
New Microsoft script updates Windows media with bootkit malware fixes
in SecurityNews
Microsoft has released a PowerShell script to help Windows users and admins update bootable media so it utilizes the new “Windows UEFI CA 2023” certificate before the mitigations of the BlackLotus UEFI bootkit are enforced later this year.
First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/new-microsoft-script-updates-windows-media-with-bootkit-malware-fixes/
-
Microsoft script updates bootable media for BlackLotus bootkit fixes
in SecurityNews
Microsoft has released a PowerShell script to help Windows users and admins update bootable media so it utilizes the new “Windows UEFI CA 2023” certificate before the mitigations of the BlackLotus UEFI bootkit are enforced later this year.
First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-script-updates-bootable-media-for-blacklotus-bootkit-fixes/
-
Microsoft fixes CVSS 9.9 vulnerability in Azure AI Face service
in SecurityNews
First seen on scworld.com Jump to article: www.scworld.com/news/microsoft-fixes-cvss-9-9-vulnerability-in-azure-ai-face-service
-
Cybercriminals Use Go Resty and Node Fetch in 13 Million Password Spraying Attempts
in SecurityNews
Cybercriminals are increasingly leveraging legitimate HTTP client tools to facilitate account takeover (ATO) attacks on Microsoft 365 environments. Enterprise security company Proofpoint said it observed campaigns using HTTP clients Axios and Node Fetch to send HTTP requests and receive HTTP responses from web servers with the goal of conducting ATO attacks. “Originally sourced from public
First seen…
-
Chinese CDN Exploiting AWS Microsoft Cloud to Host Malicious Websites
in SecurityNews
Tags: china, cloud, cyber, cybercrime, cybersecurity, exploit, malicious, microsoft, network, service
A recent investigation by cybersecurity firm Silent Push has revealed how a China-linked Content Delivery Network (CDN), known as FUNNULL, is exploiting major cloud providers like Amazon Web Services (AWS) and Microsoft Azure to host malicious websites. The technique, termed “infrastructure laundering,
-
Bypassing Windows 11 Requirements Is Unwelcome
in SecurityNews
Microsoft is removing guidance on a registry key that lets Windows 11 run on older systems. Flyby11 is also being flagged as malware.
First seen on golem.de Jump to article: www.golem.de/news/microsoft-umgehen-der-voraussetzungen-von-windows-11-ist-unerwuenscht-2502-193059.html
-
Hackers Using Fake Microsoft ADFS Login Pages to Steal Credentials
in SecurityNews
A global phishing campaign is actively exploiting a legacy Microsoft authentication system to steal user credentials and bypass multi-factor authentication (MFA), targeting over 150 organizations.
First seen on hackread.com Jump to article: hackread.com/hackers-fake-microsoft-adfs-login-pages-steal-credentials/
-
CISA Issues Exploitation Warning for .NET Vulnerability
in SecurityNews
CISA has added CVE-2024-29059, a flaw affecting Microsoft .NET, to its Known Exploited Vulnerabilities catalog. The post CISA Issues Exploitation Warning for .NET Vulnerability appeared first on SecurityWeek.
First seen on securityweek.com Jump to article: www.securityweek.com/cisa-issues-exploitation-warning-for-net-vulnerability/
-
Microsoft Defender Privacy Protection – The VPN Feature Microsoft Wants to Get Rid Of
in SecurityNews
First seen on security-insider.de Jump to article: www.security-insider.de/microsoft-defender-privacy-protection-aenderungen-funktionen-a-39174feadefacbe603445a67efd2afc8/
-
CISA Adds Actively Exploited Apache and Microsoft Vulnerabilities to its Database
in SecurityNews
Tags: apache, cisa, cyber, cybersecurity, exploit, flaw, framework, infrastructure, kev, microsoft, network, software, vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities Catalog with several critical security flaws, prompting heightened vigilance among organizations using affected software platforms. Among these newly added vulnerabilities are severe flaws in Apache OFBiz, Microsoft .NET Framework, and Paessler PRTG Network Monitor. These vulnerabilities, if exploited, could enable attackers to…
-
Windows 10/11 KB5053484: New PS Script for Certificates in Boot Media
in SecurityNews
Microsoft has just released a new PowerShell script for Windows 10 and Windows 11 that updates boot media. This is meant to ensure that the Windows UEFI CA 2023 certificate will be accepted in the near future. All of this is related to the Black …
First seen on borncity.com Jump to article: www.borncity.com/blog/2025/02/05/windows-10-11-kb5053484-neues-ps-script-fuer-zertifikate-in-boot-medien/
-
Fraudulent Google Ads Seek To Breach The Credentials of Microsoft Advertisers
in SecurityNews
First seen on scworld.com Jump to article: www.scworld.com/brief/fraudulent-google-ads-seek-to-breach-the-credentials-of-microsoft-advertisers
-
Chinese ‘Infrastructure Laundering’ Abuses AWS, Microsoft Cloud
in SecurityNews
Funnull CDN rents IPs from legitimate cloud service providers and uses them to host criminal websites, continuously cycling cloud resources in and out of use and acquiring new ones to stay ahead of cyber-defender detection.
First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/chinese-infrastructure-laundering-abuses-aws-microsoft-cloud
-
Sophisticated Phishing Attack Bypasses Microsoft ADFS MFA
in SecurityNews
A sophisticated phishing campaign targeting Microsoft ADFS has been observed, affecting more than 150 organizations.
First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/phishing-attack-bypasses-microsoft/
-
CVE-2025-21415: Critical Flaw in Azure AI Face Service
in SecurityNews
Microsoft has addressed two critical security vulnerabilities that posed potential threats to its cloud-based services. The patches resolve security flaws affecting Azure AI Face Service and Microsoft Account, both of which could have allowed malicious actors to escalate privileges under…
First seen on sensorstechforum.com Jump to article: sensorstechforum.com/cve-2025-21415-azure-ai-face-service/
-
Cybercriminals Exploiting HTTP Client Tools to Hijack Microsoft 365 Accounts
in SecurityNews
A recent report by Proofpoint has revealed an alarming trend of cybercriminals exploiting HTTP client tools to target Microsoft 365 accounts. These tools, originally designed for legitimate use, are now being repurposed for large-scale account takeover (ATO) attacks, employing tactics such as brute force login attempts and Adversary-in-the-Middle (AiTM) techniques. With a growing reliance on…
-
Microsoft Patches Critical Azure AI Face Service Vulnerability with CVSS 9.9 Score
in SecurityNews
Microsoft has released patches to address two Critical-rated security flaws impacting Azure AI Face Service and Microsoft Account that could allow a malicious actor to escalate their privileges under certain conditions. The flaws are listed below:
CVE-2025-21396 (CVSS score: 7.5) – Microsoft Account Elevation of Privilege Vulnerability
CVE-2025-21415 (CVSS score: 9.9) – Azure AI Face Service
First…
-
Microsoft SharePoint Connector Flaw Could’ve Enabled Credential Theft Across Power Platform
in SecurityNews
Cybersecurity researchers have disclosed details of a now-patched vulnerability impacting the Microsoft SharePoint connector on Power Platform that, if successfully exploited, could allow threat actors to harvest a user’s credentials and stage follow-on attacks. This could manifest in the form of post-exploitation actions that allow the attacker to send requests to the SharePoint API on behalf…
-
Microsoft Will Remove the Free VPN That Comes With Windows Defender Soon
in SecurityNews
The feature will no longer be available starting Feb. 28. Microsoft wants to focus on “new areas that will better align to customer needs.”
First seen on techrepublic.com Jump to article: www.techrepublic.com/article/microsoft-defender-vpn-removed/
-
Microsoft Sets End Date for Defender VPN
Though Windows, iOS, and macOS users won’t need to make any changes, Android users are advised to remove their Defender VPN profiles. First seen on darkreading.com Jump to article: www.darkreading.com/mobile-security/microsoft-sets-end-date-for-defender-vpn
-
New Microsoft Unit to Navigate Impact of AI
in SecurityNews
‘Advanced Planning Unit’ to Focus on Societal, Economic, Workplace Implications. Microsoft has created a new research-focused entity as part of its artificial intelligence division to analyze and anticipate the technology’s societal, economic and workplace implications. It will report directly to Mustafa Suleyman, CEO of Microsoft AI.
First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/new-microsoft-unit-to-navigate-impact-ai-a-27436
-
Fraudulent Google ads seek to breach Microsoft advertisers’ credentials
in SecurityNews
First seen on scworld.com Jump to article: www.scworld.com/brief/fraudulent-google-ads-seek-to-breach-microsoft-advertisers-credentials
-
Further Adventures With CMPivot – Client Coercion
in SecurityNews
TL;DR: CMPivot queries can be used to coerce SMB authentication from SCCM client hosts.
Introduction: CMPivot is a component part of the Configuration Manager framework. With the rise in popularity for ConfigMgr as a target in red team operations, this post looks to cover a…
-
Microsoft kills off Defender ‘Privacy Protection’ VPN feature
in SecurityNews
Microsoft announced it is killing off its Privacy Protection VPN feature in the Microsoft Defender app at the end of the month to focus on other features.
First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-kills-off-defender-privacy-protection-vpn-feature/