Tag: microsoft
-
Microsoft adds AI to Purview for faster breach response
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/microsoft-adds-ai-to-purview-for-faster-breach-response
-
Blocking Device Code Flow in Microsoft Entra ID
by
in SecurityNewsWhat is Device Code Flow Device code flow is an authentication mechanism typically used on devices with limited input capabilities”, like smart TVs, IoT appliances, or CLI-based tools. A user initiates login on the device, which displays a code. The user then opens a browser on a separate device and enters the code at microsoft.com/devicelogin.…
-
Microsoft blocks ActiveX by default in Microsoft 365, Office 2024
by
in SecurityNewsMicrosoft announced it will begin disabling all ActiveX controls in Windows versions of Microsoft 365 and Office 2024 applications later this month. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-blocks-activex-by-default-in-microsoft-365-office-2024/
-
Exchange 2016 and 2019 reach end of support in six months
by
in SecurityNews
Tags: microsoftMicrosoft warned that Exchange 2016 and Exchange 2019 will reach the end of support six months from now, on October 14. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-exchange-2016-and-2019-reach-end-of-support-in-six-months/
-
Microsoft warns of CPU spikes when typing in classic Outlook
by
in SecurityNewsMicrosoft warned Windows users of increased CPU usage when typing while using recent versions of the classic Outlook email client. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-warns-of-cpu-spikes-when-typing-in-classic-outlook/
-
Microsoft Teams File Sharing Unavailable Due to Unexpected Outage
by
in SecurityNewsMicrosoft Teams users across the globe are experiencing significant disruptions in file-sharing capabilities due to an unexpected outage, impacting workplace communication and collaboration. A wave of reports began surfacing from organizations and individuals unable to share files within Microsoft Teams”, the popular collaboration platform used by businesses, schools, and organizations worldwide. Users attempting to send…
-
ActiveX blocked by default in Microsoft 365 because remote code execution is bad, OK?
by
in SecurityNewsStopping users shooting themselves in the foot with last century’s tech First seen on theregister.com Jump to article: www.theregister.com/2025/04/15/activex_microsoft_365/
-
Paragon Hard Disk Manager Flaw Enables Privilege Escalation and DoS Attacks
by
in SecurityNews
Tags: access, attack, cyber, cybersecurity, dos, exploit, flaw, microsoft, ransomware, service, software, vulnerabilityParagon Software’s widely used Hard Disk Manager (HDM) product line has been found to contain five severe vulnerabilities in its kernel-level driver, BioNTdrv.sys, enabling attackers to escalate privileges to SYSTEM-level access or trigger denial-of-service (DoS) attacks. The flaws, now patched, were actively exploited in ransomware campaigns leveraging Microsoft-signed drivers, according to cybersecurity researchers. Overview of the Vulnerabilities The…
-
CISO Conversations: Maarten Van Horenbeeck, SVP Chief Security officer at Adobe
by
in SecurityNewsVan Horenbeeck’s career spans some of the biggest companies in tech: Verizon, Microsoft, Google, Amazon, Zendesk, and now SVP and CSO at Adobe. The post CISO Conversations: Maarten Van Horenbeeck, SVP & Chief Security officer at Adobe appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/ciso-conversations-maarten-van-horenbeeck-svp-chief-security-officer-at-adobe/
-
Windows Server 2025: Domain-Controller sind nach Neustart nicht mehr erreichbar
by
in SecurityNewsWindows Server 2025 leidet offenbar unter einem Konnektivitätsproblem. Laut Microsoft wird bei Domain-Controllern das falsche Firewall-Profil geladen. First seen on golem.de Jump to article: www.golem.de/news/windows-server-2025-domain-controller-sind-nach-neustart-nicht-mehr-erreichbar-2504-195369.html
-
Agentic AI is both boon and bane for security pros
by
in SecurityNewsRecent agentic security signposts: Recently, we have seen numerous examples of how quickly building your own autonomous AI agents has taken root. Microsoft last month demonstrated six new AI agents that work with its Copilot software that talk directly to its various security tools to identify vulnerabilities, flag identity and asset compromises. Simbian is hosting…
-
Hackers Use Microsoft Teams Chats to Deliver Malware to Windows PCs
by
in SecurityNewsA sophisticated cyberattack campaign has emerged, leveraging Microsoft Teams chats to infiltrate Windows PCs with malware, according to a recent report by cybersecurity firm ReliaQuest. The attack, which began surfacing in March 2025 and primarily targets the finance and professional services sectors, signals a dramatic evolution in tactics used by threat actors linked to the…
-
OT-Security: Warum der Blick auf Open Source lohnt
by
in SecurityNews
Tags: ai, compliance, control, data, detection, edr, endpoint, Hardware, incident, incident response, intelligence, iot, microsoft, ml, monitoring, network, open-source, PCI, technology, threat, tool, vulnerability, vulnerability-managementAuch im OT-Security-Bereich stellen Open-Source-Lösungen eine kostengünstige Alternative zu kommerziellen Tools dar. Die zunehmende Digitalisierung und Vernetzung in der industriellen Produktion haben OT-Security (Operational Technology-Sicherheit) zu einem Kernthema in Unternehmen gemacht. Produktionsdaten, SCADA-Systeme (Supervisory Control and Data Acquisition) und vernetzte Maschinen sind in vielen Branchen essenziell und äußerst anfällig für Cyberangriffe. Ein Zwischenfall kann…
-
Colleges and Schools Now Top Targets for Online Threat Actors
by
in SecurityNewsAcross the globe, a new kind of threat is targeting the very institutions dedicated to shaping the future: schools, colleges, and universities. In 2024, experts warn that educational organizations have become prime targets for online threat actors, including nation-state-backed hackers and financially motivated cybercriminals. A recent Microsoft report ranked the education sector as the third-most-targeted…
-
Microsoft’s Recall AI Tool Is Making an Unwelcome Return
by
in SecurityNewsMicrosoft held off on releasing the privacy-unfriendly feature after a swell of pushback last year. Now it’s trying again, with a few improvements that skeptics say still aren’t enough. First seen on wired.com Jump to article: www.wired.com/story/microsoft-recall-returns-privacy/
-
AI Awful at Fixing Buggy Code
by
in SecurityNewsLLMs Falter on Real-world Bugs, Even With Debugger Access: Microsoft. Artificial intelligence can code but it can’t debug says Microsoft after observing how large language models performed when given a series of real world software programming tests. Most LLMs struggle to resolve software bugs, even when given access to traditional developer tools such as debuggers.…
-
Microsoft tells Windows users to ignore 0x80070643 WinRE errors
by
in SecurityNewsMicrosoft says some users might see 0x80070643 installation failures when trying to deploy the April 2025 Windows Recovery Environment (WinRE) updates. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-tells-windows-users-to-ignore-winre-install-errors/
-
New Windows updates fix Active Directory policy issues
by
in SecurityNewsMicrosoft has released emergency Windows updates to address a known issue affecting local audit logon policies in Active Directory Group Policy. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-new-emergency-windows-updates-fix-ad-policy-issues/
-
New emergency Windows updates fix AD policy issues
by
in SecurityNewsMicrosoft has released emergency Windows updates to address a known issue affecting local audit logon policies in Active Directory Group Policy. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-new-emergency-windows-updates-fix-ad-policy-issues/
-
OpenAI’s GPT-4.1, 4.1 nano, and 4.1 mini models release imminent
by
in SecurityNewsAccording to references spotted on OpenAI’s website, the Microsoft-backed AI startup is planning to launch five new models this week, including GPT-4.1, 4.1 nano, and 4.1 mini. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/artificial-intelligence/openais-gpt-41-41-nano-and-41-mini-models-release-imminent/
-
Windows Server 2025 restarts break connectivity on some DCs
by
in SecurityNewsMicrosoft warned IT admins that some Windows Server 2025 domain controllers might become inaccessible after a restart, causing apps and services to fail or remain unreachable. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-windows-server-2025-restarts-break-services-on-domain-controllers/
-
Windows 10 und 11: Mysterium um inetpub-Ordner teilweise aufgelöst
by
in SecurityNewsNach dem April-Patchday ist auf vielen Windows-Systemen unerwartet ein Ordner namens inetpub aufgetaucht. Microsoft warnt davor, diesen zu löschen. First seen on golem.de Jump to article: www.golem.de/news/windows-10-und-11-mysterium-um-inetpub-ordner-teilweise-aufgeloest-2504-195313.html
-
Microsoft Issues Urgent Patch to Fix Office Update Crash
by
in SecurityNewsMicrosoft has released an urgent patch for Office 2016 to address a critical issue causing key applications like Word, Excel, and Outlook to crash unexpectedly. The new update, KB5002623, was issued on April 10, 2025, following widespread reports of performance disruptions attributed to the earlier KB5002700 update. This latest patch applies exclusively to the Microsoft…
-
Microsoft Enhances Exchange and SharePoint Security with AMSI Integration
by
in SecurityNewsMicrosoft has announced enhanced security measures for its Exchange Server and SharePoint Server products, both of which are critical assets for many organizations. The core of this enhancement is the integration with the Windows Antimalware Scan Interface (AMSI). The blog post emphasizes that Exchange and SharePoint servers are prime targets for attackers due to the…
-
An inside look at Microsoft’s AI Red Team
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/perspective/an-inside-look-at-microsofts-ai-red-team
-
Breach Roundup: Port of Seattle Notifies 90,000 Victims
Also, Oracle Denies Cloud Breach, Blames Hack on Obsolete Servers. This week, Port of Seattle notified victims, Oracle blamed hack on obsolete servers, Google and Microsoft released April patches, WK Kellogg breached, six arrested in Spain for AI-investment scam, Scattered Spider’s King Bob pleaded guilty, SmokeLoader users busted. First seen on govinfosecurity.com Jump to article:…
-
Microsoft releases emergency update to fix Office 2016 crashes
by
in SecurityNewsMicrosoft has released an out-of-band Office update to fix a known issue that caused Word, Excel, and Outlook to crash after installing the KB5002700 security update for Office 2016. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-releases-emergency-update-to-fix-office-2016-crashes/
-
Licensing issue blocks Microsoft 365 Family for some users
by
in SecurityNewsMicrosoft is investigating a potential licensing issue blocking access to Microsoft 365 services for some customers with Family subscriptions. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-licensing-issue-blocks-microsoft-365-family-for-some-users/
-
Malicious npm Package Targets Atomic Wallet, Exodus Users by Swapping Crypto Addresses
by
in SecurityNewsThreat actors are continuing to upload malicious packages to the npm registry so as to tamper with already-installed local versions of legitimate libraries to execute malicious code in what’s seen as a sneakier attempt to stage a software supply chain attack.The newly discovered package, named pdf-to-office, masquerades as a utility for converting PDF files to…
-
Amazon Gift Card Email Hooks Microsoft Credentials
by
in SecurityNewsAmazon Gift Card Email Hooks Microsoft Credentials First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/04/amazon-gift-card-email-hooks-microsoft-credentials/