Tag: microsoft
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 39
by
in SecurityNews
Tags: android, detection, framework, Hardware, international, malware, marketplace, microsoft, ransomware, serviceSecurity Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Microsoft Trusted Signing service abused to code-sign malware Shedding light on the ABYSSWORKER driver VSCode Marketplace Removes Two Extensions Deploying Early-Stage Ransomware New Android Malware Campaigns Evading Detection Using Cross-Platform Framework .NET MAUI Raspberry Robin: Copy…
-
Microsoft’s killing script used to avoid Microsoft Account in Windows 11
by
in SecurityNewsMicrosoft has removed the ‘BypassNRO.cmd’ script from Windows 11 preview builds, which allowed users to bypass the requirement to use a Microsoft Account when installing the operating system. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsofts-killing-script-used-to-avoid-microsoft-account-in-windows-11/
-
Week in review: Chrome sandbox escape 0-day fixed, Microsoft adds new AI agents to Security Copilot
by
in SecurityNewsHere’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft’s new AI agents take on phishing, patching, alert fatigue Microsoft … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/03/30/week-in-review-chrome-sandbox-escape-0-day-fixed-microsoft-adds-new-ai-agents-to-security-copilot/
-
Executive Perspectives: Pierre Noel on Cybersecurity Leadership, Risk, and Resilience
by
in SecurityNewsIn this edition of Axio’s Executive Insight Series, Scott Kannry, CEO of Axio, sits down with Pierre Noel, former CISO of Microsoft Asia and Huawei, to discuss the evolution of Read More First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/03/executive-perspectives-pierre-noel-on-cybersecurity-leadership-risk-and-resilience/
-
Phishing-Alarm: Microsoft Word erzeugt PDF-Phishing-Link
by
in SecurityNewsMir ist von einem Blog-Leser eine sehr krude Geschichte zugespielt worden. Ein mit Microsoft Word erzeugtes Dokument enthielt eine WebEx-Einladung. Durch die Silbentrennung wurde ein “Phishing-Link” erzeugt, der auf obskure Seiten umleitete. Später stellte sich heraus, dass die PDF-Konverter die … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/03/29/phishing-alarm-microsoft-word-erzeugt-pdf-phishing-link/
-
Now Windows Longhorn is long gone, witness reflects on Microsoft’s OS belly-flop
by
in SecurityNews‘This was not good dog food’ First seen on theregister.com Jump to article: www.theregister.com/2025/03/27/looking_back_at_windows_longhorn/
-
Microsoft fixes button that restores classic Outlook client
by
in SecurityNewsMicrosoft resolved an issue that caused the new Outlook email client to crash when users clicked a button designed to switch back to classic Outlook. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-fixes-button-that-restores-classic-outlook-client/
-
Microsoft fixes Remote Desktop issues caused by Windows updates
by
in SecurityNewsMicrosoft has fixed a known issue that caused problems with Remote Desktop and RDS connections after installing Windows updates released since January 2025. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-fixes-remote-desktop-issues-caused-by-windows-updates/
-
Hijacked Microsoft web domain injects spam into SharePoint servers
by
in SecurityNewsThe legacy domain for Microsoft Stream was hijacked to show a fake Amazon site promoting a Thailand casino, causing all SharePoint sites with old embedded videos to display it as spam. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/hijacked-microsoft-stream-classic-domain-spams-sharepoint-sites/
-
Microsoft-Nutzer brauchen bald kein Passwort mehr für die Anmeldung
by
in SecurityNewsFirst seen on t3n.de Jump to article: t3n.de/news/microsoft-nutzer-brauchen-bald-kein-passwort-mehr-fuer-die-anmeldung-1680389/
-
Salt Typhoon may have upgraded backdoors for efficiency and evasion
by
in SecurityNewsCrowDoor and attributed to the Earth Estries APT group in November 2024.”GhostSparrow, aka Salt Typhoon (Microsoft), Earth Estries (Trend Micro), Ghost Emperor (Kaspersky Labs), and UNC2286 (Mandiant), has escalated cyber espionage, breaching US telecom networks and accessing data on over a million individuals. One of the key features ESET reported on the two previously unseen…
-
Microsoft Teams Phishing Attacks: What to Know and What to Do
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/perspective/microsoft-teams-phishing-attacks-what-to-know-and-what-to-do
-
Microsoft’s .NET MAUI tool leveraged for stealthy Android malware deployment
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/microsofts-net-maui-tool-leveraged-for-stealthy-android-malware-deployment
-
Microsoft’s .NET MAUI Tool Leveraged for Android Malware Deployment
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/microsofts-net-maui-tool-leveraged-for-android-malware-deployment
-
Android Malware Exploits a Microsoft-Related Security Blind Spot to Avoid Detection
Microsoft’s .NET MAUI lets developers build cross-platform apps in C#, but its use of binary blob files poses new risks by bypassing Android’s DEX-based security checks. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-android-malware-microsoft-net-maui/
-
Windows 11 KB5053656 update released with 38 changes and fixes
by
in SecurityNewsMicrosoft has released the KB5053656 preview cumulative update for Windows 11 24H2 with 38 changes, including real-time translation on AMD and Intel-powered Copilot+ PCs and fixes for authentication and blue-screen issues. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/windows-11-kb5053656-update-released-with-38-changes-and-fixes/
-
New Windows scheduled task will launch Office apps faster
by
in SecurityNewsIn May, Microsoft plans to roll out a new Windows scheduled task that launches automatically to help Microsoft Office apps load faster. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-new-windows-scheduled-task-will-launch-office-apps-faster/
-
Threat Actors Use Fake Booking.com Emails to Deceive Hotel Staff and Gain System Access
by
in SecurityNewsA sophisticated phishing campaign targeting the hospitality industry has been uncovered, with threat actors impersonating Booking.com to gain access to hotel systems and customer data. Microsoft Threat Intelligence has attributed the ongoing attacks, which began in December 2024 and continued through February 2025, to a group known as Storm-1865. The campaign primarily targets North America,…
-
Recent Windows Server 2025 updates cause Remote Desktop freezes
by
in SecurityNewsMicrosoft says a known issue is causing Remote Desktop freezes on Windows Server 2025 systems after installing security updates released since the February 2025 Patch Tuesday. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/recent-windows-server-2025-updates-cause-remote-desktop-freezes/
-
Top 3 MS Office Exploits Hackers Use in 2025 Stay Alert!
Hackers have long used Word and Excel documents as delivery vehicles for malware, and in 2025, these tricks are far from outdated. From phishing schemes to zero-click exploits, malicious Office files are still one of the easiest ways into a victim’s system.Here are the top three Microsoft Office-based exploits still making the rounds this year…
-
Microsoft bestätigt: Windows-Updates nerven Nutzer seit Januar mit RDP-Problemen
by
in SecurityNewsSeit Wochen brechen RDP-Sitzungen unter Windows 11 und Windows Server 2025 immer wieder unerwartet ab. Nun hat auch Microsoft das Problem erkannt. First seen on golem.de Jump to article: www.golem.de/news/microsoft-bestaetigt-windows-updates-nerven-nutzer-seit-januar-mit-rdp-problemen-2503-194725.html
-
Die 10 häufigsten IT-Sicherheitsfehler
by
in SecurityNewsVon ungepatchten Sicherheitslücken bis hin zu unzureichenden Backups: Lesen Sie, wie sich die häufigsten IT-Sicherheitsfehler vermeiden lassen. Verschlüsselte Dateien und eine Textdatei mit einer Erpresser-Nachricht zeigen klar und deutlich: Ein Unternehmen ist einer Cyberattacke zum Opfer gefallen. Dabei ist das nur das Ende einer langen Angriffskette. Die Tätergruppe bewegt sich oft seit mehreren Wochen oder Monaten…
-
Malicious Android Apps Evade Detection: McAfee
by
in SecurityNewsCybersecurity Firm Finds Rash of Apps Coded With Microsoft .NET MAUI. Cybercriminals are using a Microsoft cross-platform app development framework to create Android malware that bypasses security measures, evades detection and steals user data. Malicious apps spotted by McAfee researchers aren’t traditional Android malware. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/malicious-android-apps-evade-detection-mcafee-a-27836
-
Recent Windows updates cause Remote Desktop issues
by
in SecurityNewsMicrosoft says that some customers might experience Remote Desktop and RDS connection issues after installing recent Windows updates released since January 2025. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-recent-windows-updates-cause-remote-desktop-issues/
-
Windows MMC Framework Zero-Day Exploited to Execute Malicious Code
by
in SecurityNewsTrend Research has uncovered a sophisticated campaign by the Russian threat actor Water Gamayun, exploiting a zero-day vulnerability in the Microsoft Management Console (MMC) framework. The vulnerability, dubbed MSC EvilTwin (CVE-2025-26633), allows attackers to execute malicious code on infected machines. The attack manipulates .msc files and the Multilingual User Interface Path (MUIPath) to download and…
-
EncryptHub Exploits Windows Zero-Day to Deploy Rhadamanthys and StealC Malware
by
in SecurityNewsThe threat actor known as EncryptHub exploited a recently-patched security vulnerability in Microsoft Windows as a zero-day to deliver a wide range of malware families, including backdoors and information stealers such as Rhadamanthys and StealC.”In this attack, the threat actor manipulates .msc files and the Multilingual User Interface Path (MUIPath) to download and execute malicious…
-
Russian threat actor weaponized Microsoft Management Console flaw
by
in SecurityNewsA threat actor known as “EncryptHub” began exploiting the zero-day vulnerability before it was patched earlier this month. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/russian-threat-actor-weaponizing-microsoft-management-console-zero-day/743558/
-
KI-Agenten erobern die Cybersicherheitsbranche
by
in SecurityNews
Tags: ai, cloud, cyberattack, cyersecurity, edr, governance, identity, intelligence, mail, microsoft, phishing, soar, soc, strategy, threat, tool, update, vulnerabilityMicrosoft führt KI-Agenten ein, um die Cybersicherheit angesichts zunehmender Bedrohungen zu automatisieren.KI-Agenten, die in der Lage sind, Code auszuführen und Websuchen durchzuführen, gewinnen in der gesamten Tech-Branche an Bedeutung. Ein weiteres Feld, welches immer wichtiger wird, ist automatisierte Sicherheit.Diese Tools sind geeignet für Aufgaben wiePhishing-Erkennung,Datenschutz undIdentitätsmanagement.Hierbei handelt es sich um Bereiche, in denen Angreifer unvermindert…
-
Do You Own Your Permissions, or Do Your Permissions Own You?
by
in SecurityNews
Tags: attack, computer, credentials, data, data-breach, exploit, microsoft, powershell, update, vulnerabilitytl;dr: Less FPs for Owns/WriteOwner and new Owns/WriteOwnerLimitedRights edges Before we get started, if you’d prefer to listen to a 10-minute presentation instead of or to supplement reading this post, please check out the recording of our most recent BloodHound Release Recap webinar. You can also sign up for future webinars here. Back in August, a…
-
Microsoft fixes printing issues caused by January Windows updates
by
in SecurityNewsMicrosoft has fixed a known issue causing some USB printers to start printing random text after installing Windows updates released since late January 2025. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-fixes-printing-issues-caused-by-january-windows-updates/