Tag: microsoft
-
Cyberattack on the “Washington Post”
in SecurityNews
Tags: access, china, cyber, cyberattack, cyberespionage, governance, government, mail, microsoft, usa
The “Washington Post” was the target of a cyberattack. According to a report in the “Wall Street Journal”, the Microsoft accounts of several “Washington Post” journalists were compromised by cybercriminals. The attackers reportedly also had access to the US newspaper's work e-mails. It is assumed to be a targeted attack by a foreign government. Among the…
-
Microsoft Purview DLP Now Controls Copilot’s Access to Sensitive Email Data
Microsoft is set to enhance data security in Microsoft 365 by extending Purview Data Loss Prevention (DLP) controls to Copilot’s handling of sensitive email data. Starting January 1, 2025, Microsoft 365 Copilot will be prevented from processing emails that carry sensitivity labels, marking a significant step forward in enterprise data protection. New Protections for Sensitive…
-
June Windows Server security updates cause DHCP issues
in SecurityNews
Microsoft acknowledged a new issue caused by the June 2025 security updates, causing the DHCP service to freeze on some Windows Server systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-june-windows-server-security-updates-cause-dhcp-issues/
-
MDEAutomator: Open-source endpoint management, incident response in MDE
in SecurityNews
Managing endpoints and responding to security incidents in Microsoft Defender for Endpoint (MDE) can be time-consuming and complex. MDEAutomator is an open-source tool … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/16/mdeautomator-open-source-automation-microsoft-defender-for-endpoint-mde/
-
Microsoft-Signed Firmware Module Bypasses Secure Boot
in SecurityNews
UEFI Vulnerability Threatens Systems with Silent Compromise. Hackers could circumvent the protections of Secure Boot by silently disabling it through an attack that potentially affects a wide swath of Windows laptops and servers. Microsoft issued a patch this month and hackers would already need admin access and physical access to a target machine. First seen…
-
Week in review: Microsoft fixes exploited zero-day, Mirai botnets target unpatched Wazuh servers
in SecurityNews
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft fixes zero-day exploited for cyber espionage (CVE-2025-33053) For … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/15/week-in-review-microsoft-fixes-exploited-zero-day-mirai-botnets-target-unpatched-wazuh-servers/
-
Microsoft Patches 67 Security Flaws, Including CVE-2025-33053
in SecurityNews
Microsoft has released a sweeping security update addressing 67 vulnerabilities across its software ecosystem. This includes a critical zero-day vulnerability in Web Distributed Authoring and Versioning (WebDAV) that is currently being exploited in real-world attacks. Breakdown of June 2025 Patch… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/microsoft-patches-webdav-zero-day-cve-2025-33053/
-
Microsoft Office 2016 users force-fed Copilot
in SecurityNews
This week I once again came across a case where Copilot shows up in Office 2016 despite GPOs set to disable it. Now that security researchers have come across the first zero-click vulnerability in the AI application Copilot, I am taking up the topic once more here in the blog. … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/06/14/microsoft-office-2016-nutzer-mit-copilot-zwangsbeglueckt/
-
Black Basta Leaks Highlight Phishing, Google Takeover Risks
in SecurityNews
Defunct Ransomware Group’s Diaspora Includes Hackers With Focus on Microsoft Teams. Based on intelligence gleaned from the leak of Black Basta ransomware messages, researchers are warning organizations to beware phishing attacks launched via Microsoft partner domains and via Teams, as well as the targeting of personal Google accounts accessed via corporate devices. First seen on…
-
TeamFiltration pentesting tool harnessed in global Microsoft Entra ID attack campaign
in SecurityNews
First seen on scworld.com Jump to article: www.scworld.com/brief/teamfiltration-pentesting-tool-harnessed-in-global-microsoft-entra-id-attack-campaign
-
Zero-Click Flaw in Microsoft Copilot Illustrates AI Agent, RAG Risks
in SecurityNews
Aim Security researchers found a zero-click vulnerability in Microsoft 365 Copilot that could have been exploited to have AI tools like RAG and AI agents hand over sensitive corporate data to attackers simply by issuing a request for the information in a specially worded email. Microsoft fixed the security flaw. First seen on securityboulevard.com Jump…
-
First Known Zero-Click AI Exploit: Microsoft 365 Copilot’s ‘EchoLeak’ Flaw
Security researchers uncovered “EchoLeak,” a zero-click flaw in Microsoft 365 Copilot, exposing sensitive data without user action. Microsoft has mitigated the vulnerability. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-microsoft-365-copilot-flaw-echoleak/
-
Danish government agency to ditch Microsoft software in push for digital independence
in SecurityNews
Denmark’s digital affairs ministry says it plans to switch to the open source LibreOffice software and away from Microsoft products as part of an effort to make the government more digitally independent. First seen on therecord.media Jump to article: therecord.media/denmark-digital-agency-microsoft-digital-independence
-
Threat Actor Abuses TeamFiltration for Entra ID Account Takeovers
in SecurityNews
Proofpoint researchers discovered a large-scale campaign using the open source penetration-testing framework that has targeted more than 80,000 Microsoft accounts. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/threat-actor-teamfiltration-entra-id-attacks
-
Fog ransomware gang abuses employee monitoring tool in unusual multi-stage attack
in SecurityNews
Tags: attack, china, cloud, control, corporate, encryption, espionage, exploit, google, group, intelligence, microsoft, monitoring, network, open-source, penetration-testing, ransomware, service, threat, tool
Open-source pen testers for executing commands: Another peculiarity observed in the attack was the use of open-source penetration testing tools, like GC2 and Adaptix C2, rarely seen with ransomware attacks. Google Command and Control (GC2) is an open-source post-exploitation tool that allows attackers to control compromised systems using legitimate cloud services like Google Sheets and Google…
-
KB5060533 update triggers boot errors on Surface Hub v1 devices
in SecurityNews
Microsoft is investigating a known issue that triggers Secure Boot errors and prevents Surface Hub v1 devices from starting up. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-kb5060533-update-triggers-boot-errors-on-surface-hub-v1-devices/
-
Why Denmark is breaking up with Microsoft
in SecurityNews
Relying too heavily on a US tech giant for your nation’s digital infrastructure is starting to feel a bit… well, risky. First seen on grahamcluley.com Jump to article: grahamcluley.com/why-denmark-is-breaking-up-with-microsoft/
-
Microsoft confirms auth issues affecting Microsoft 365 users
in SecurityNews
Microsoft is investigating an ongoing incident that is causing users to experience errors with some Microsoft 365 authentication features. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-confirms-auth-issues-affecting-microsoft-365-users/
-
Microsoft Defender Spoofing Flaw Enables Privilege Escalation and AD Access
in SecurityNews
A newly disclosed spoofing vulnerability (CVE-2025-26685) in Microsoft Defender for Identity (MDI) enables unauthenticated attackers to capture Net-NTLM hashes of critical Directory Service Accounts (DSAs), potentially compromising Active Directory environments. Rated 6.5 (Medium) on the CVSS v3.1 scale, this flaw exploits MDI’s Lateral Movement Paths (LMPs) feature and has been actively addressed in Microsoft’s May…
-
Data protection and AI use – Kyndryl and Microsoft join forces for greater data security
in SecurityNews
First seen on security-insider.de Jump to article: www.security-insider.de/kyndryl-und-microsoft-buendeln-kraefte-fuer-mehr-datensicherheit-a-9c0a648e517da3e01b1f333cf800b539/
-
EchoLeak: First AI 0-click vulnerability in Microsoft Copilot
in SecurityNews
Security researchers have come across the first zero-click vulnerability in an AI application. Unsurprisingly to me, it affects Microsoft 365 Copilot. Attackers could use this vulnerability, dubbed EchoLeak, to force Microsoft 365 Copilot into data exfiltration. Microsoft is, after all, “foisting” on all Office users the … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/06/13/echoleak-erste-ai-0-click-sicherheitsluecke-in-microsoft-copilot/
-
Microsoft 365 Copilot: New Zero-Click AI Vulnerability Allows Corporate Data Theft
in SecurityNews
Researchers have found a flaw in Microsoft 365 Copilot that allows the exfiltration of sensitive corporate data with a simple email. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/microsoft-365-copilot-zeroclick-ai/
-
PoC Exploit Unveiled for Windows Disk Cleanup Elevation Vulnerability
in SecurityNews
Microsoft addressed a high-severity elevation of privilege vulnerability (CVE-2025-21420) in its Windows Disk Cleanup Utility (cleanmgr.exe) during February 2025’s Patch Tuesday. The flaw, scoring 7.8 on the CVSS scale, enabled attackers to execute malicious code with SYSTEM privileges through DLL sideloading and a directory traversal technique. Technical Analysis of CVE-2025-21420: The vulnerability stems from cleanmgr.exe’s…
-
How to log and monitor PowerShell activity for suspicious scripts and commands
in SecurityNews
Block executable content from email client and webmail; Block executable files from running unless they meet a prevalence, age, or trusted list criterion; Block execution of potentially obfuscated scripts; Block JavaScript or VBScript from launching downloaded executable content; Block process creations originating from PSExec and WMI commands. Log workstation PowerShell commands: Even without Microsoft Defender resources you need to…
-
WebDAV Remote Code Execution 0-Day Actively Exploited, PoC Released
in SecurityNews
A critical zero-day vulnerability in Microsoft’s Web Distributed Authoring and Versioning (WebDAV) protocol, tracked as CVE-2025-33053, has been actively exploited by the advanced persistent threat (APT) group Stealth Falcon since March 2025. The flaw, patched in June’s Patch Tuesday, enables remote code execution (RCE) via manipulated .url shortcut files and has been linked to attacks…
-
Password Spraying Attacks Hit Entra ID Accounts
in SecurityNews
Hackers Use TeamFiltration Penetration Testing Tool. A threat actor is using the password spraying feature of the TeamFiltration pentesting tool to launch attacks against Microsoft Entra accounts – and finding success. The threat actor has targeted more than 80,000 user accounts across roughly 100 cloud tenants. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/password-spraying-attacks-hit-entra-id-accounts-a-28682
-
Researchers Detail Zero-Click Copilot Exploit ‘EchoLeak’
in SecurityNews
Researchers at Aim Security disclosed a Microsoft Copilot vulnerability of critical severity this week that could have enabled sensitive data exfiltration via prompt injection attacks. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/researchers-detail-zero-click-copilot-exploit-echoleak