Tag: microsoft
-
Microsoft’s AI tool catches critical GRUB2, U-boot bootloader flaws
by
in SecurityNews
Tags: access, ai, control, cybersecurity, exploit, firmware, flaw, Hardware, microsoft, mitigation, monitoring, risk, soc, supply-chain, tool, update, vulnerability, vulnerability-management, zero-dayAI-powered discovery changes the cybersecurity landscape: Microsoft’s Security Copilot tool significantly accelerated the vulnerability identification process, with a particular focus on filesystem implementations due to their high vulnerability potential.”Using Security Copilot, we were able to identify potential security issues in bootloader functionalities, focusing on filesystems due to their high vulnerability potential,” the blog stated. “This…
-
QR Code Phishing (Quishing) Attack Your Smartphones To Steal Microsoft Accounts Credentials
by
in SecurityNewsCybersecurity researchers have identified a growing trend in phishing attacks leveraging QR codes, a tactic known as >>quishing.
-
Hackers Exploit Microsoft Teams Messages to Deliver Malware
by
in SecurityNews
Tags: attack, corporate, credentials, cyber, cybersecurity, defense, exploit, hacker, malicious, malware, microsoft, powershell, tactics, vulnerabilityCybersecurity experts have uncovered a new malware campaign targeting Microsoft Teams users to infiltrate corporate systems. By exploiting the platform’s communication vulnerabilities and leveraging malicious PowerShell scripts, attackers bypassed traditional defenses, delivering malware capable of stealing credentials and establishing persistent backdoors. The attack demonstrates an alarming evolution in malware delivery tactics through trusted collaboration platforms.…
-
Microsoft Using AI to Uncover Critical Bootloader Vulnerabilities
by
in SecurityNewsUsing the Security Copilot tool, Microsoft discovered 20 critical vulnerabilities in widely deployed open-source bootloaders. The post Microsoft Using AI to Uncover Critical Bootloader Vulnerabilities appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/microsoft-using-ai-to-uncover-critical-bootloader-vulnerabilities/
-
New Windows 11 trick lets you bypass Microsoft Account requirement
by
in SecurityNewsA previously unknown trick lets you easily bypass using a Microsoft Account in Windows 11, just as Microsoft tries to make it harder to use local accounts. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/new-windows-11-trick-lets-you-bypass-microsoft-account-requirement/
-
AI-powered agents bolster Microsoft’s security capabilities
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/ai-powered-agents-bolster-microsofts-security-capabilities
-
Microsoft warns of critical flaw in Canon printer drivers
by
in SecurityNewsMicrosoft’s offensive security team discovered a critical code execution vulnerability impacting Canon printer drivers. Researchers at Microsoft’s Offensive Research and Security Engineering (MORSE) team have discovered a critical code execution vulnerability, tracked as CVE-2025-1268 (CVSS score of 9.4), impacting Canon printer drivers. The vulnerability is an out-of-bounds issue that resides in certain printer drivers for…
-
OpenAI Raises $40B in Record Private Funding Round
by
in SecurityNewsAI Giant Eyes Expansion Amid Structural Challenges. OpenAI on Monday closed a record $40 billion funding round, valuing it at $300 billion. SoftBank led with $30 billion, joined by Microsoft and others. Operational shifts accompanied OpenAI’s expansion. CEO Sam Altman announced stepping back from daily operations to focus on innovation. First seen on govinfosecurity.com Jump…
-
Microsoft to mark five decades of Ctrl-Alt-Deleting the competition
by
in SecurityNews
Tags: microsoftCopilot told us that half a century is 25 years. It feels much longer First seen on theregister.com Jump to article: www.theregister.com/2025/04/01/50_years_of_microsoft/
-
New Phishing Attack Combines Vishing and DLL Sideloading Techniques
A new attack targeting Microsoft Teams users used vishing, remote access tools and DLL sideloading to deploy a JavaScript backdoor First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/phishing-attack-combines-vishing/
-
Microsoft Teams Vishing Used to Deploy Malware via TeamViewer
by
in SecurityNewsA vishing scam via Microsoft Teams led to attackers misusing TeamViewer to drop malware and stay hidden using simple but effective techniques. First seen on hackread.com Jump to article: hackread.com/microsoft-teams-vishing-deploy-malware-via-teamviewer/
-
Critical Vulnerability Found in Canon Printer Drivers
by
in SecurityNewsMicrosoft’s offensive security team warned Canon about a critical code execution vulnerability in printer drivers. The post Critical Vulnerability Found in Canon Printer Drivers appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/critical-vulnerability-found-in-canon-printer-drivers/
-
Microsoft Discovers GRUB2, U-Boot, and Barebox Bootloader Flaws with Copilot
by
in SecurityNewsMicrosoft has disclosed the discovery of multiple critical vulnerabilities within the GRUB2, U-Boot, and Barebox bootloaders, leveraging its AI-driven Security Copilot platform for advanced threat analysis. These bootloaders, integral to the Unified Extensible Firmware Interface (UEFI) Secure Boot framework and widely deployed in embedded systems, were found to contain exploitable flaws that could compromise system…
-
Per KI aufgespürt: Microsoft warnt vor Lücken in Grub2 und anderen Bootloadern
by
in SecurityNewsMit einem KI-Tool hat Microsoft 20 Sicherheitslücken in weitverbreiteten Bootloadern aufgespürt. Angreifer können damit etwa Bootkits einschleusen. First seen on golem.de Jump to article: www.golem.de/news/per-ki-aufgespuert-microsoft-warnt-vor-luecken-in-grub2-und-anderen-bootloadern-2504-194879.html
-
CVE-2025-26633: MSC EvilTwin Zero-Day Exploited by Water Gamayun
by
in SecurityNewsIn early 2025, cybersecurity researchers uncovered a zero-day vulnerability in Microsoft’s Management Console (MMC), tracked as CVE-2025-26633 and nicknamed MSC EvilTwin. This critical flaw is being actively exploited by a threat group dubbed Water Gamayun and represents a dangerous vector… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/cve-2025-26633-eviltwin-exploit/
-
Copilot+ PCs mit Windows 11 – Microsoft gibt AI-Features auch für AMD und Intel frei
by
in SecurityNewsDie AI-Zusatzfunktionen von Copilot+ PCs waren bislang Systemen mit Qualcomm Snapdragon vorbehalten. Jetzt sind AMD und Intel an der Reihe. First seen on computerbase.de Jump to article: www.computerbase.de/news/betriebssysteme/copilot-plus-pcs-mit-windows-11-microsoft-gibt-ai-features-auch-fuer-amd-und-intel-frei.92002
-
Privacy Roundup: Week 13 of Year 2025
by
in SecurityNews
Tags: access, ai, android, apple, application-security, breach, browser, cctv, chrome, cloud, cve, cybersecurity, data, detection, exploit, firmware, google, group, leak, linux, malware, microsoft, mobile, phishing, privacy, regulation, router, scam, service, software, technology, threat, tool, update, virus, vpn, vulnerability, zero-dayThis is a news item roundup of privacy or privacy-related news items for 23 MAR 2025 – 29 MAR 2025. Information and summaries provided here are as-is for warranty purposes. Note: You may see some traditional “security” content mixed-in here due to the close relationship between online privacy and cybersecurity – many things may overlap;…
-
Open Source statt Microsoft – So können Unternehmen Linux-Server günstig und sicher aufsetzen
by
in SecurityNewsFirst seen on security-insider.de Jump to article: www.security-insider.de/open-source-und-linux-statt-windows-a-b4da32bf803c2dc7f035009a3c83d64b/
-
Genial oder aus Versehen? – Microsoft stellt Windows 11 Source Code versehentlich auf Github
by
in SecurityNewsFirst seen on security-insider.de Jump to article: www.security-insider.de/microsoft-stellt-windows-11-source-code-versehentlich-auf-github-a-61e67960ae8b9baa7bb71ae67f1e1602/
-
Microsoft uses AI to find flaws in GRUB2, U-Boot, Barebox bootloaders
by
in SecurityNewsMicrosoft used its AI-powered Security Copilot to discover 20 previously unknown vulnerabilities in the GRUB2, U-Boot, and Barebox open-source bootloaders. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/microsoft-uses-ai-to-find-flaws-in-grub2-u-boot-barebox-bootloaders/
-
Cybersecurity Leaders Share Three Challenges Exposure Management Helps Them Solve
by
in SecurityNews
Tags: access, attack, automation, best-practice, breach, business, cloud, container, control, cyber, cybersecurity, data, exploit, guide, infrastructure, Internet, microsoft, mobile, network, risk, risk-management, strategy, supply-chain, technology, threat, tool, vulnerability, vulnerability-management, zero-trustEach Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to shift from vulnerability management to exposure management. In this blog, we share three challenges cybersecurity leaders say exposure management helps them solve. You can read the entire Exposure Management Academy series here. Traditional vulnerability management is undergoing a transformation.…
-
Russian Hackers Exploit CVE-2025-26633 via MSC EvilTwin to Deploy SilentPrism and DarkWisp
by
in SecurityNewsThe threat actors behind the zero-day exploitation of a recently-patched security vulnerability in Microsoft Windows have been found to deliver two new backdoors called SilentPrism and DarkWisp.The activity has been attributed to a suspected Russian hacking group called Water Gamayun, which is also known as EncryptHub and LARVA-208.”The threat actor deploys payloads primarily by means…
-
Intel and Microsoft staff allegedly lured to work for fake Chinese company in Taiwan
by
in SecurityNews11 companies, including SMIC, accused of disguising outposts so they can illicitly serve Beijing First seen on theregister.com Jump to article: www.theregister.com/2025/03/31/china_disguised_tech_companies_taiwan/
-
Windows 11 Insider Released Microsoft Removes BypassNRO.cmd Script to Enhance Security
by
in SecurityNewsMicrosoft has launchedWindows 11 Insider Preview Build 26200.5516to the Dev Channel with exciting new updates, including innovative features and a key security enhancement. Among the major changes is the removal of the widely knownBypassNRO.cmd script, a move aimed at bolstering Windows 11’s overall security and ensuring a seamless user experience. Prioritizing Security and Connectivity In…
-
Windows 11 quick machine recovery: Restoring devices with boot issues
by
in SecurityNewsMicrosoft has rolled out quick machine recovery, a new Windows feature aimed at preventing prolonged widespread outages like the one caused by a faulty CrowdStrike update in … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/03/31/quick-machine-recovery-restoring-windows-11-devices-with-boot-issues/
-
Water Gamayun Hackers Exploit MSC EvilTwin Zero-day Vulnerability to Hack Windows Machine
by
in SecurityNewsWater Gamayun, a suspected Russian threat actor, has been identified exploiting the MSC EvilTwin zero-day vulnerability (CVE-2025-26633) to compromise Windows systems. This vulnerability, embedded in the Microsoft Management Console (MSC) framework, allows attackers to execute malicious code remotely, exfiltrate sensitive data, and maintain persistent control over infected machines. The exploit leverages custom payloads and advanced…
-
Windows 11: Wie sich der Microsoft-Kontozwang weiter umgehen lässt
by
in SecurityNewsDie Entfernung der bypassnro.cmd aus Windows 11 erregt Aufsehen. Microsofts Online-Kontozwang lässt sich aber auch anders aushebeln. First seen on golem.de Jump to article: www.golem.de/news/windows-11-wie-sich-der-microsoft-kontozwang-weiter-umgehen-laesst-2503-194830.html
-
Microsoft schickt 6 AI Security Agenten ins Rennen
by
in SecurityNewsNeue AI-Offensive bei Microsoft. Vor einem Jahr hatte das Unternehmen den Microsoft Security Copilot eingeführt, um Sicherheitsvorfälle schnell und präzise zu erkennen, zu untersuchen und darauf zu reagieren. Nun hat man gleich sechs AI Security Agenten vorgestellt, die Nutzer bei … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/03/31/microsoft-schickt-6-ai-security-agenten-ins-rennen/