Tag: microsoft
-
Criminal Subscription Service Behind AI-Powered Cyber-Attacks Taken Out By Microsoft
RedVDS cyber-crime-as-a-service platform powering phishing, BEC attacks and other fraud has cost victims millions First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/criminal-subscription-service/
-
Microsoft Fixes Three Zero-Days on Busy Patch Tuesday
Microsoft has patched three zero-day vulnerabilities in the first patch Tuesday of 2026, including one under active exploitation First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/microsoft-three-zerodays-busy/
-
January 2026 Microsoft Patch Tuesday: Actively exploited zero day needs attention
More priorities: Executives should also prioritize rapid patching and risk reduction efforts this month around the Windows Local Security Authority Subsystem Service Remote Code Execution, Windows Graphics Component Elevation of Privilege, and Windows Virtualization Based Security Enclave Elevation of Privilege flaws, Bicer said, as these vulnerabilities directly enable full system or trust boundary compromise.Strategic focus…
-
Microsoft Patchday Januar 2026 – Viele kritische Schwachstellen und immer mehr Rechteausweitungen
First seen on security-insider.de Jump to article: www.security-insider.de/microsoft-patchday-januar-2026-patches-updates-a-a9ca331e209026f83e5793905fb06182/
-
Microsoft seizes RedVDS infrastructure, disrupts fast-growing cybercrime marketplace
Tags: attack, credentials, cybercrime, infrastructure, marketplace, microsoft, phishing, service, theft, toolThe service became a prolific tool for cybercriminals in the past year, as it facilitated thousands of attacks involving credential theft, account takeovers, mass phishing and payment diversion fraud. First seen on cyberscoop.com Jump to article: cyberscoop.com/microsoft-seizes-disrupts-redvds-cybercrime-marketplace/
-
Microsoft January 2026 Patch Tuesday: 115 Vulnerabilities Fixed
Microsoft kicks off 2026 with 115 security updates, including a fix for an actively exploited zero-day. Protect your Windows and Office systems today. First seen on hackread.com Jump to article: hackread.com/microsoft-january-2026-patch-tuesday-vulnerabilities/
-
U.S. CISA adds a flaw in Microsoft Windows to its Known Exploited Vulnerabilities catalog
Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, microsoft, update, vulnerability, windowsThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw impacting Microsoft Windows to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Microsoft Windows vulnerability, tracked as CVE-2026-20805 (CVSS Score of 8.7), to its Known Exploited Vulnerabilities (KEV) catalog. This week, Microsoft Patch Tuesday security updates for January 2026 release…
-
Microsoft Patch Tuesday security updates for January 2026 fixed actively exploited zero-day
Microsoft Patch Tuesday addressed 112 security flaws across Windows, Office, Azure, Edge, and more, including eight critical vulnerabilities, kicking off the new year with a major patch update. Microsoft Patch Tuesday security updates for January 2026 release 112 CVEs affecting Windows, Office, Azure, Edge, SharePoint, SQL Server, SMB, and Windows management services. Including third-party Chromium…
-
Microsoft Patch Tuesday addresses 112 defects, including one actively exploited zero-day
Researchers said the information disclosure zero-day exposes sensitive information that attackers can use to undermine defenses and make other exploits more reliable. First seen on cyberscoop.com Jump to article: cyberscoop.com/microsoft-patch-tuesday-january-2026/
-
Microsoft patches 112 CVEs on first Patch Tuesday of 2026
January brings a larger-than-of-late Patch Tuesday update out of Redmond, but an uptick in disclosures is often expected at this time of year. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366637296/Microsoft-patches-112-CVEs-on-first-Patch-Tuesday-of-2026
-
Microsoft Starts 2026 With a Bang: A Freshly Exploited Zero-Day
The vendor’s first Patch Tuesday of the year also contains fixes for 112 CVEs, nearly double the amount from last month. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/microsofts-starts-2026-bang-zero-day
-
New Windows updates replace expiring Secure Boot certificates
Microsoft has started rolling out new Secure Boot certificates that will automatically install on eligible Windows 11 24H2 and 25H2 systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/microsoft-rolls-out-new-secure-boot-certificates-for-windows-devices/
-
New Windows updates replace expiring Secure Boot certificates
Microsoft has started rolling out new Secure Boot certificates that will automatically install on eligible Windows 11 24H2 and 25H2 systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/microsoft-rolls-out-new-secure-boot-certificates-for-windows-devices/
-
Microsoft releases Windows 10 KB5073724 extended security update
Microsoft has released the KB5073724 extended security update to fix the Patch Tuesday security updates, including 3 zero-days and a fix for expiring Secure Boot certificates. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-releases-windows-10-kb5073724-extended-security-update/
-
Windows 11 KB5074109 & KB5073455 cumulative updates released
Microsoft has released Windows 11 KB5074109 and KB5073455 cumulative updates for versions 25H2/24H2 and 23H2 to fix security vulnerabilities, bugs, and add new features. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/windows-11-kb5074109-and-kb5073455-cumulative-updates-released/
-
Microsoft Patch Tuesday for January 2026, Snort rules and prominent vulnerabilities
Microsoft has released its monthly security update for January 2026, which includes 112 vulnerabilities affecting a range of products, including 8 that Microsoft marked as “critical”. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/microsoft-patch-tuesday-january-2026/
-
Microsoft January 2026 Patch Tuesday fixes 3 zero-days, 114 flaws
Today is Microsoft’s January 2026 Patch Tuesday with security updates for 114 flaws, including one actively exploited and two publicly disclosed zero-day vulnerabilities. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/
-
Microsoft’s Rob Lefferts On Rise Of AI Attacks: ‘Be Prepared To Go Faster’
As AI-powered cyberattacks become even more autonomous and widespread, cybersecurity teams will need to adapt by becoming faster and more sophisticated in their response capabilities, according to Microsoft security executive Rob Lefferts. First seen on crn.com Jump to article: www.crn.com/news/security/2026/microsoft-s-rob-lefferts-on-rise-of-ai-attacks-be-prepared-to-go-faster
-
Russian BlueDelta (Fancy Bear) Uses PDFs to Steal Logins in Just 2 Seconds
New research from Recorded Future reveals how Russian state hackers (BlueDelta) are using fake Microsoft and Google login portals to steal credentials. The campaign involves using legitimate PDF lures from GRC and EcoClimate to trick victims. First seen on hackread.com Jump to article: hackread.com/russian-bluedelta-fancy-bear-pdfs-steal-login/
-
Tenable Is a Gartner® Peer Insights Customers’ Choice for Cloud-Native Application Protection Platforms
Tags: ai, api, attack, automation, banking, ciso, cloud, compliance, control, cybersecurity, data, detection, gartner, google, governance, healthcare, identity, infrastructure, microsoft, risk, risk-management, service, software, strategy, technology, tool, vulnerability, vulnerability-managementThis recognition, based entirely on feedback from the people who use our products every day, to us is a testament to the unmatched value Tenable Cloud Security CNAPP offers organizations worldwide. Our key takeaways: In our view, this peer recognition confirms Tenable’s strategic value in helping organizations worldwide, across all industry sectors, preemptively close critical…
-
Microsoft is retiring the Lens scanner app for iOS, Android
Microsoft has started retiring the Microsoft Lens PDF scanner app for Android and iOS devices on Friday, January 9th, with plans to remove it from app stores next month. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-is-retiring-the-lens-scanner-app-for-ios-android/
-
Prevent cloud data leaks with Microsoft 365 access reviews
Microsoft 365 has made file sharing effortless, but that convenience often leaves organizations with little visibility into who can access sensitive data. Tenfold explains how access reviews for shared cloud content can help organizations regain visibility, reduce unnecessary permissions, and prevent data leaks in Microsoft 365. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/prevent-cloud-data-leaks-with-microsoft-365-access-reviews/
-
ClickFix-Angriffsvariante ConsentFix: So tricksen Hacker Microsoft-Konten aus
Durch diesen Trick erhalten die Angreifer den OAuth-Schlüssel und können eine Verbindung zwischen ihrem eigenen System und dem Microsoft-Konto des Opfers herstellen ohne Passwortdiebstahl oder Umgehung der Multi-Faktor-Authentifizierung. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/clickfix-angriffsvariante-consentfix-so-tricksen-hacker-microsoft-konten-aus/a43332/
-
Support-Ende Windows 10 & Co – Diese Produkte hat Microsoft 2025 ausgemustert
First seen on security-insider.de Jump to article: www.security-insider.de/microsoft-support-ende-ausmusterung-2025-windows-10-a-00435335eb106f9183afe292c693fbf8/
-
Windows 11: IT-Admins dürfen Copilot wohl bald per Richtlinie entfernen
Microsoft testet eine neue Richtlinie, mit der IT-Admins Copilot von verwalteten Geräten entfernen können. Doch es gibt Einschränkungen. First seen on golem.de Jump to article: www.golem.de/news/windows-11-insider-preview-admins-koennen-copilot-app-per-richtlinie-entfernen-2601-204058.html
-
Windows 11 Insider Preview: Admins können Copilot-App per Richtlinie entfernen
Microsoft testet eine neue Richtlinie, mit der IT-Admins Copilot von verwalteten Geräten entfernen können. Doch es gibt Einschränkungen. First seen on golem.de Jump to article: www.golem.de/news/windows-11-insider-preview-admins-koennen-copilot-app-per-richtlinie-entfernen-2601-204058.html
-
Trotz Kritik und möglicher Sicherheitsrisiken – Microsoft treibt agentenbasiertes Windows 11 weiter voran
First seen on security-insider.de Jump to article: www.security-insider.de/windows-11-ki-entfernen-skript-a-bb4cc6faef3011bbdadc0d99c8dced77/