Tag: microsoft
-
Microsoft AI findet Schwachstellen in Open-Source-Boot-Loader
by
in SecurityNewsMicrosoft hat seine AI-Lösung Microsoft Security CoPilot verwendet, um mehrere Boot-Loader, darunter den von Linux verwendeten Open-Source-Boot-Loader Grub, sowie U-boot und Barebox, auf Schwachstellen abzuklopfen. Dabei wurden gleich mehrere Schwachstellen entdeckt wobei die Verwendung von AI das Auffinden von … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/04/06/microsoft-ai-findet-schwachstellen-in-open-source-boot-loader/
-
CYFOX Launches Email Security Solution with Direct Microsoft 365 Integration
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/news/cyfox-launches-email-security-solution-with-direct-microsoft-365-integration
-
Microsoft Credits EncryptHub, Hacker Behind 618+ Breaches, for Disclosing Windows Flaws
by
in SecurityNewsA likely lone wolf actor behind the EncryptHub persona was acknowledged by Microsoft for discovering and reporting two security flaws in Windows last month, painting a picture of a “conflicted” individual straddling a legitimate career in cybersecurity and pursuing cybercrime.In a new extensive analysis published by Outpost24 KrakenLabs, the Swedish security company unmasked the up-and-coming…
-
Proaktive Sicherheitsansätze senken Cyberrisiko deutlich
by
in SecurityNewsRisikobehaftete Zugriffe auf Cloud-Applikationen sowie die Nutzung veralteter Microsoft Entra-ID-Konten zählen bei Unternehmen zu den größten Gefahren. Trend Micro, Anbieter von Cybersicherheitslösungen, gab einen Rückgang des Cyberrisikos bekannt, der sich in den Kennzahlen seines Cyber Risk Index (CRI) widerspiegelt. Mit einem Jahresdurchschnitt von 38,4 lag der Wert für 2024 um 6,2 Punkte unter dem CRI……
-
Windows intros 365 Link, a black box that does nothing but connect to Microsoft’s cloud
by
in SecurityNewsAnd it can be yours for a rather steep $349 First seen on theregister.com Jump to article: www.theregister.com/2025/04/03/windows_365_link/
-
Attackers Abuse Remote Desktop Protocol, Microsoft Binaries
by
in SecurityNewsInvestigators See Ongoing Use of Living-Off-the-Land Binaries, Frequent RDP Abuse. Incident responders studying last year’s top attacker tools, tactics and procedures have urged cyber defenders to monitor for the unusual use of legitimate administrator tools, suspicious use of Remote Desktop Protocol, as well as attempts by attackers to hide their tracks by wiping logs. First…
-
Hackers Use URL Shorteners and QR Codes in Tax-Themed Phishing Attacks
by
in SecurityNewsAs the United States approaches Tax Day on April 15, cybersecurity experts have uncovered a series of sophisticated phishing campaigns leveraging tax-related themes to exploit unsuspecting users. Microsoft has identified these campaigns as employing advanced redirection techniques such as URL shorteners and QR codes embedded in malicious attachments to evade detection. By abusing legitimate services…
-
AI Security Got Complicated Fast. Here’s How Microsoft is Simplifying It
by
in SecurityNewsMicrosoft’s approach offers a compelling opportunity to secure AI, leverage AI-driven security tools and establish a self-reinforcing ecosystem where AI agents effectively collaborate within defined organizational boundaries First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/04/ai-security-got-complicated-fast-heres-how-microsoft-is-simplifying-it/
-
Windows 10 Support-Ende: Microsoft setzt auf Upgrade oder Recycling
by
in SecurityNewsMicrosoft beendet 2025 den Support für Windows 10 und fordert Nutzer auf, ihre alten PCs zu recyceln oder auf Windows 11 umzusteigen. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/windows-10-support-ende-microsoft-setzt-auf-upgrade-oder-recycling-312791.html
-
Microsoft Boosts Email Sender Rules for Outlook
by
in SecurityNewsThe tech giant will enforce new email authentication protocols for Outlook users who send large volumes of email beginning on May 5. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/microsoft-boosts-email-sender-rules-outlook
-
Privilegierte Zugänge werden zum Sicherheitsrisiko
by
in SecurityNews
Tags: access, ai, api, apple, authentication, best-practice, cisco, cloud, cyber, cyberattack, dark-web, hacker, mail, malware, mfa, microsoft, password, phishing, ransomware, risk, service, tool, vpn, vulnerabilityKriminelle bevorzugen Phishing als Erstzugriffsmethode und nutzen legale Tools für unauffällige Angriffe auf sensible Systeme, wie eine aktuelle Studie herausfand.Der Missbrauch legitimer privilegierter Zugänge (legitimate privileged access) nimmt zu . Wie der Cisco Talos’ Jahresrückblick 2024 herausfand, nutzten Angreifer immer öfter gestohlene Identitäten für ihre Attacken, darunter auch Ransomware-Erpressungen. Dafür missbrauchen die HackerAnmeldedaten,Tokens,API-Schlüssel undZertifikate.Angriffe dieser…
-
Neue Maßstäbe für Datensicherheit – Mit der richtigen Backup-Strategie Microsoft-365-Daten sichern
by
in SecurityNewsFirst seen on security-insider.de Jump to article: www.security-insider.de/mit-der-richtigen-backup-strategie-microsoft-365-daten-sichern-a-70ac636a95a3a0852e5a03a377da228e/
-
Windows 11 Forces Microsoft Account Sign In Removes Bypass Trick Option
by
in SecurityNewsMicrosoft is killing the Windows 11 bypass trick, soon, all setups will require internet and a Microsoft Account, leaving privacy-conscious users with fewer options. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-windows-11-setup-microsoft/
-
39M secrets exposed: GitHub rolls out new security tools
by
in SecurityNews39 Million Secrets Leaked on GitHub in 2024 GitHub found 39M secrets leaked in 2024 and launched new tools to help developers and organizations secure sensitive data in code. Microsoft-owned code hosting platform GitHub announced the discovery of 39 million secrets leaked in 2024. The exposure of this sensitive information poses a serious risk to…
-
April 2025 Patch Tuesday forecast: More AI security introduced by Microsoft
by
in SecurityNewsMicrosoft is continuing to build on their AI cybersecurity strategy and this month announced the introduction of new agents in Microsoft Security Copilot. They are introducing … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/04/april-2025-patch-tuesday-forecast/
-
Bill Gates unearths Microsoft’s ancient code like a proud nerd dad
by
in SecurityNews
Tags: microsoftFounder shares 4K Altair BASIC source ahead of 50th anniversary First seen on theregister.com Jump to article: www.theregister.com/2025/04/03/bill_gates_altair_basic/
-
Data doesn’t lie, but Microsoft’s new Power BI prices might make you cry
by
in SecurityNewsHike is no joke and users are not laughing First seen on theregister.com Jump to article: www.theregister.com/2025/04/02/microsoft_power_bi_hikes/
-
How attackers exploit Microsoft 365 from the inside and what to do about it
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/perspective/how-attackers-exploit-microsoft-365-from-the-inside-and-what-to-do-about-it
-
Microsoft touts bug finds from Security Copilot
by
in SecurityNews
Tags: microsoftFirst seen on scworld.com Jump to article: www.scworld.com/news/microsoft-security-copilot-assists-discovery-of-bootloader-flaws
-
Microsoft starts testing Windows 11 taskbar icon scaling
by
in SecurityNewsMicrosoft is testing a new taskbar icon scaling feature that automatically scales down Windows taskbar icons to show more apps when it gets too overcrowded. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-starts-testing-windows-11-taskbar-icon-scaling/
-
Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware
by
in SecurityNewsMicrosoft is warning of several phishing campaigns that are leveraging tax-related themes to deploy malware and steal credentials.”These campaigns notably use redirection methods such as URL shorteners and QR codes contained in malicious attachments and abuse legitimate services like file-hosting services and business profile pages to avoid detection,” Microsoft said in a report shared with…
-
Phishers are increasingly impersonating electronic toll collection companies
by
in SecurityNewsSteam was the most imitated brands by phishers in the first quarter of 2025, followed by Microsoft and Facebook/Meta, Guardio researchers have revealed. >>Historically, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/03/electronic-toll-collection-phishing/
-
Delinea and Microsoft Partner to Provide Smooth Migration Path as Entra Permissions Management Sunsets
by
in SecurityNews
Tags: microsoftFirst seen on scworld.com Jump to article: www.scworld.com/news/delinea-and-microsoft-partner-to-provide-smooth-migration-path-as-entra-permissions-management-sunsets
-
Microsoft Teams, other tools exploited in new vishing scam
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/microsoft-teams-other-tools-exploited-in-new-vishing-scam
-
Microsoft adds hotpatching support to Windows 11 Enterprise
by
in SecurityNewsMicrosoft has announced that hotpatch updates are now available for business customers using Windows 11 Enterprise 24H2 on x64 (AMD/Intel) systems, starting today. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-adds-hotpatching-support-to-windows-11-enterprise/
-
Independent tests show why orgs should use third-party cloud security services
AWS, Microsoft Azure and Google Cloud Platform each scored 0% security effectiveness in CyberRatings.org’s evaluation of cloud network firewall vendors’ ability to prevent exploits and evasions. First seen on cyberscoop.com Jump to article: cyberscoop.com/independent-tests-show-why-orgs-should-use-third-party-cloud-security-services/
-
Microsoft’s AI tool catches critical GRUB2, U-boot bootloader flaws
by
in SecurityNews
Tags: access, ai, control, cybersecurity, exploit, firmware, flaw, Hardware, microsoft, mitigation, monitoring, risk, soc, supply-chain, tool, update, vulnerability, vulnerability-management, zero-dayAI-powered discovery changes the cybersecurity landscape: Microsoft’s Security Copilot tool significantly accelerated the vulnerability identification process, with a particular focus on filesystem implementations due to their high vulnerability potential.”Using Security Copilot, we were able to identify potential security issues in bootloader functionalities, focusing on filesystems due to their high vulnerability potential,” the blog stated. “This…
-
QR Code Phishing (Quishing) Attack Your Smartphones To Steal Microsoft Accounts Credentials
by
in SecurityNewsCybersecurity researchers have identified a growing trend in phishing attacks leveraging QR codes, a tactic known as >>quishing.