Tag: microsoft
-
Windows 10 KB5055518 update fixes random text when printing
by
in SecurityNewsMicrosoft has released the KB5055518 cumulative update for Windows 10 22H2 and Windows 10 21H2, with nine changes or fixes. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/windows-10-kb5055518-update-fixes-random-text-when-printing/
-
Windows 11 KB5055523 & KB5055528 cumulative updates released
by
in SecurityNewsMicrosoft has released Windows 11 KB5055523 and KB5055528 cumulative updates for versions 24H2 and 23H2 to fix security vulnerabilities and issues. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/windows-11-kb5055523-and-kb5055528-cumulative-updates-released/
-
In The News – ManagedMethods Launches Classroom Manager to Protect Students from Online Harm, Put Control Back in the Hands of Educators
by
in SecurityNewsThis article was originally published in Newswire on 04/03/25. Introduction of Classroom Manager comes during a pivotal moment for educators balancing effective classroom learning with decreasing student engagement ManagedMethods, the leading provider of Google Workspace and Microsoft 365 cybersecurity, student safety, and compliance for K-12 school districts, today announces the launch of Classroom Manager, a…
-
Cryptocurrency Miner and Clipper Malware Spread via SourceForge Cracked Software Listings
Threat actors have been observed distributing malicious payloads such as cryptocurrency miner and clipper malware via SourceForge, a popular software hosting service, under the guise of cracked versions of legitimate applications like Microsoft Office.”One such project, officepackage, on the main website sourceforge.net, appears harmless enough, containing Microsoft Office add-ins copied from a First seen on…
-
What Microsoft Knows About AI Security That Most CISOs Don’t?
by
in SecurityNewsTraditional security fails with AI systems. Discover Microsoft’s RAI Maturity Model and practical steps to advance from Level 1 to Level 5 in AI security governance. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/04/what-microsoft-knows-about-ai-security-that-most-cisos-dont/
-
Nebenbei kriminell: Doppelleben eines Sicherheitsforschers enttarnt
by
in SecurityNews
Tags: microsoftSicherheitslücken an Konzerne wie Microsoft zu melden, war ihm offenkundig nicht genug. Nebenbei soll der Sicherheitsforscher Teil einer bekannten Cyberbande sein. First seen on golem.de Jump to article: www.golem.de/news/nebenbei-kriminell-doppelleben-eines-sicherheitsforschers-enttarnt-2504-195137.html
-
Microsoft 365 Backup: Bordmittel zur Sicherung von Daten in der Cloud – Backup für Microsoft 365: integrierte Lösung nutzen
by
in SecurityNewsFirst seen on security-insider.de Jump to article: www.security-insider.de/backup-fuer-microsoft-365-integrierte-loesung-nutzen-a-d42d82af4de88fedb6d0df668ab9c494/
-
E-Mails von microsoft-noreply@microsoft.com – Angreifer tricksen Opfer mit echten Systemnachrichten von Microsoft aus
by
in SecurityNewsFirst seen on security-insider.de Jump to article: www.security-insider.de/cyberkriminelle-microsoft-benachrichtigungen-phishing-a-e2398100901a98bd505268ab97da888a/
-
Legal clock ticking for Microsoft over alleged software license abuses
by
in SecurityNewsWith weeks to meet terms of settlement agreement, engineers in Redmond still don’t have a product to show CISPE First seen on theregister.com Jump to article: www.theregister.com/2025/04/07/legal_clock_ticking_for_microsoft/
-
EncryptHub’s dual life: Cybercriminal vs Windows bug-bounty researcher
by
in SecurityNewsEncryptHub, a notorious threat actor linked to breaches at 618 organizations, is believed to have reported two Windows zero-day vulnerabilities to Microsoft, revealing a conflicted figure straddling the line between cybercrime and security research. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/encrypthubs-dual-life-cybercriminal-vs-windows-bug-bounty-researcher/
-
Microsoft delays WSUS driver sync deprecation indefinitely
by
in SecurityNewsMicrosoft announced today that, based on customer feedback, it will indefinitely delay removing driver synchronization in Windows Server Update Services (WSUS). First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-delays-wsus-driver-sync-deprecation-indefinitely/
-
An Operator’s Guide to Device-Joined Hosts and the PRT Cookie
by
in SecurityNewsIntroduction About five years ago, Lee Chagolla-Christensen shared a blog detailing the research and development process behind his RequestAADRefreshToken proof-of-concept (POC). In short, on Entra ID joined (including hybrid joined) hosts, it’s possible to obtain a primary refresh token (PRT) cookie from the logged in user’s logon session, enabling an attacker to satisfy single-sign-on (SSO)…
-
Microsoft Security Copilot Gets New Tooling
by
in SecurityNewsCan Microsoft realize the true potential of its AI Security push? First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/04/microsoft-security-copilot-gets-new-tooling/
-
Malicious VSCode extensions infect Windows with cryptominers
by
in SecurityNewsNine VSCode extensions on Microsoft’s Visual Studio Code Marketplace pose as legitimate development tools while infecting users with the XMRig cryptominer to mine Ethereum and Monero. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/malicious-vscode-extensions-infect-windows-with-cryptominers/
-
Windows 11 24H2 blocked on PCs with code-obfuscation driver BSODs
by
in SecurityNewsMicrosoft has introduced a new Windows 11 24H2 safeguard hold for systems running security or enterprise software using SenseShield Technology’s sprotect.sys driver. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/windows-11-24h2-blocked-on-pcs-with-code-obfuscation-driver-bsods/
-
Malicious Microsoft VS Code Extensions Used in Cryptojacking Campaign
by
in SecurityNewsSecurity researchers from ExtensionTotal have found nine malicious extensions in Visual Studio Code, Microsoft’s lightweight source-code editor First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/microsoft-vs-code-cryptojacking/
-
The controversial case of the threat actor EncryptHub
by
in SecurityNewsMicrosoft credited controversial actor EncryptHub, a lone actor with ties to cybercrime, for reporting two Windows flaws. Microsoft credited the likely lone actor behind the EncryptHub alias (also known as SkorikARI) for reporting two Windows security flaws, highlighting a >>conflicted
-
Golem Karrierewelt: Kostenloses Live-Webinar: Microsoft Copilot Administration
by
in SecurityNews
Tags: microsoftWorauf kommt es bei der sicheren Administration von Microsoft Copilot an? Das Live-Webinar mit dem Microsoft 365-Experten Aaron Siller bietet Antworten! First seen on golem.de Jump to article: www.golem.de/news/golem-karrierewelt-kostenloses-live-webinar-microsoft-copilot-administration-2504-194994.html
-
How Trump’s tariffs are shaking up the cybersecurity sector
by
in SecurityNews
Tags: antivirus, ceo, china, cisa, country, cyber, cyberattack, cybersecurity, defense, finance, government, Hardware, infrastructure, microsoft, network, service, supply-chain, technology, threat, vulnerabilityCustomer cutbacks and increased costs are major concerns: In addition to the macroeconomic fears and worries over retaliatory measures, US cybersecurity companies are vulnerable to losing revenue under the new tariffs as customers reduce their cybersecurity budgets to cope with their own tariff-induced financial pressures.”What’s happening is that people are looking at cybersecurity through the…
-
AD Certificate Exploitation: ESC1
by
in SecurityNewsThe AD CS (Active Directory Certificate Services) certificate template is a predefined configuration in Microsoft AD CS that defines the type of certificate a user, First seen on hackingarticles.in Jump to article: www.hackingarticles.in/ad-certificate-exploitation-esc1/
-
Microsoft AI findet Schwachstellen in Open-Source-Boot-Loader
by
in SecurityNewsMicrosoft hat seine AI-Lösung Microsoft Security CoPilot verwendet, um mehrere Boot-Loader, darunter den von Linux verwendeten Open-Source-Boot-Loader Grub, sowie U-boot und Barebox, auf Schwachstellen abzuklopfen. Dabei wurden gleich mehrere Schwachstellen entdeckt wobei die Verwendung von AI das Auffinden von … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/04/06/microsoft-ai-findet-schwachstellen-in-open-source-boot-loader/
-
CYFOX Launches Email Security Solution with Direct Microsoft 365 Integration
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/news/cyfox-launches-email-security-solution-with-direct-microsoft-365-integration
-
Microsoft Credits EncryptHub, Hacker Behind 618+ Breaches, for Disclosing Windows Flaws
by
in SecurityNewsA likely lone wolf actor behind the EncryptHub persona was acknowledged by Microsoft for discovering and reporting two security flaws in Windows last month, painting a picture of a “conflicted” individual straddling a legitimate career in cybersecurity and pursuing cybercrime.In a new extensive analysis published by Outpost24 KrakenLabs, the Swedish security company unmasked the up-and-coming…
-
Proaktive Sicherheitsansätze senken Cyberrisiko deutlich
by
in SecurityNewsRisikobehaftete Zugriffe auf Cloud-Applikationen sowie die Nutzung veralteter Microsoft Entra-ID-Konten zählen bei Unternehmen zu den größten Gefahren. Trend Micro, Anbieter von Cybersicherheitslösungen, gab einen Rückgang des Cyberrisikos bekannt, der sich in den Kennzahlen seines Cyber Risk Index (CRI) widerspiegelt. Mit einem Jahresdurchschnitt von 38,4 lag der Wert für 2024 um 6,2 Punkte unter dem CRI……
-
Windows intros 365 Link, a black box that does nothing but connect to Microsoft’s cloud
by
in SecurityNewsAnd it can be yours for a rather steep $349 First seen on theregister.com Jump to article: www.theregister.com/2025/04/03/windows_365_link/
-
Attackers Abuse Remote Desktop Protocol, Microsoft Binaries
by
in SecurityNewsInvestigators See Ongoing Use of Living-Off-the-Land Binaries, Frequent RDP Abuse. Incident responders studying last year’s top attacker tools, tactics and procedures have urged cyber defenders to monitor for the unusual use of legitimate administrator tools, suspicious use of Remote Desktop Protocol, as well as attempts by attackers to hide their tracks by wiping logs. First…
-
Hackers Use URL Shorteners and QR Codes in Tax-Themed Phishing Attacks
by
in SecurityNewsAs the United States approaches Tax Day on April 15, cybersecurity experts have uncovered a series of sophisticated phishing campaigns leveraging tax-related themes to exploit unsuspecting users. Microsoft has identified these campaigns as employing advanced redirection techniques such as URL shorteners and QR codes embedded in malicious attachments to evade detection. By abusing legitimate services…
-
AI Security Got Complicated Fast. Here’s How Microsoft is Simplifying It
by
in SecurityNewsMicrosoft’s approach offers a compelling opportunity to secure AI, leverage AI-driven security tools and establish a self-reinforcing ecosystem where AI agents effectively collaborate within defined organizational boundaries First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/04/ai-security-got-complicated-fast-heres-how-microsoft-is-simplifying-it/
-
Windows 10 Support-Ende: Microsoft setzt auf Upgrade oder Recycling
by
in SecurityNewsMicrosoft beendet 2025 den Support für Windows 10 und fordert Nutzer auf, ihre alten PCs zu recyceln oder auf Windows 11 umzusteigen. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/windows-10-support-ende-microsoft-setzt-auf-upgrade-oder-recycling-312791.html
-
Microsoft Boosts Email Sender Rules for Outlook
by
in SecurityNewsThe tech giant will enforce new email authentication protocols for Outlook users who send large volumes of email beginning on May 5. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/microsoft-boosts-email-sender-rules-outlook