Tag: microsoft
-
Despite criticism and potential security risks, Microsoft keeps pushing agent-based Windows 11
First seen on security-insider.de Jump to article: www.security-insider.de/windows-11-ki-entfernen-skript-a-bb4cc6faef3011bbdadc0d99c8dced77/
-
EDRStartupHinder: Blocks Antivirus EDR at Windows 11 25H2 Startup (Defender Included)
A cybersecurity researcher has unveiled EDRStartupHinder, a proof-of-concept tool that prevents antivirus and endpoint detection and response (EDR) solutions from launching during Windows startup, including Microsoft Defender on Windows 11 25H2. The technique exploits Windows Bindlink API functionality through the bindflt.sys driver to interfere with security software initialization. The tool builds on previous research into Bindlink…
-
Microsoft is retiring ‘Send to Kindle’ in Word
Tags: microsoft
Microsoft is retiring a feature that allowed you to send your documents to Kindle straight from Microsoft Word. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-is-retiring-send-to-kindle-in-word/
-
Microsoft Windows Media Player stops serving up CD album info
No naming that tune and no album covers First seen on theregister.com Jump to article: www.theregister.com/2026/01/09/microsoft_windows_media_player_forgets/
-
ZombieAgent ChatGPT attack shows persistent data leak risks of AI agents
Worm-like propagation: The email attack even has worming capabilities, as the malicious prompts could instruct ChatGPT to scan the inbox, extract addresses from other email messages, exfiltrate those addresses to the attackers using the URL trick, and send similar poisoned messages to those addresses as well. If the victim is the employee of an organization that…
-
Microsoft may soon allow IT admins to uninstall Copilot
Microsoft is testing a new policy that allows IT administrators to uninstall the AI-powered Copilot digital assistant on managed devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-may-soon-allow-it-admins-to-uninstall-copilot-on-managed-devices/
-
Microsoft Introduces Teams External Collaboration Administrator Role
Microsoft is expanding its administrative capabilities in Teams by introducing a new built-in role called Teams External Collaboration Administrator. This specialized RBAC role enables organizations to delegate external collaboration management without granting full Teams admin permissions. Rollout Timeline: The new role will begin rolling out in late January 2026 and is expected to be fully available worldwide by mid-February…
-
2026 dates: When is Microsoft Patch Tuesday?
Tags: microsoft
First seen on security-insider.de Jump to article: www.security-insider.de/microsoft-patchday-patch-tuesday-updates-2026-a-bf5209034d0a406e70e4c8dbe0d18762/
-
Breach Roundup: Firewalls Headed for Obsolescence
Also, Sedgwick Confirms Breach, Romanian Power Firm Hit, D-Link Flaws Exploited. This week, Moody’s said firewalls will be obsolete, Romanian critical infrastructure hacked, Sedgwick breach and a D-Link DSL flaw. Finland seized the Fitburg. Microsoft said Direct Send not to blame for Exchange phishing. Malicious Chrome extensions, European hotels targeted and health breaches. First seen…
-
Cologne expert report calls Microsoft use into question: cuts for families, billions for Microsoft?
Tags: microsoft
First seen on security-insider.de Jump to article: www.security-insider.de/us-behoerden-zugriff-europaeische-cloud-daten-microsoft-sicherheit-a-66959c9a0efc9f7469eb1c6cd8be82a8/
-
January 2026 Patch Tuesday forecast: And so it continues
Welcome to a new year of my Patch Tuesday forecast blog where I provide a summary of Microsoft and other vendors’ security patch activity (and reported issues) for the month, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/09/january-2026-patch-tuesday-forecast/
-
Microsoft Mandates MFA for Microsoft 365 Admin Center Access
Microsoft is tightening security for its cloud customers by making multi-factor authentication mandatory for anyone accessing the Microsoft 365 admin center, effectively ending password-only logins for high-privilege admin portals. The enforcement will fully kick in on February 9, 2026, following a phased rollout that began in early 2025. Deadline and enforcement scope: Under the new policy, admin users who…
-
How Attackers Hide Processes by Abusing Kernel Patch Protection
Security researchers have identified a sophisticated technique that allows attackers to hide malicious processes from Windows Task Manager and system monitoring tools, even on systems with Microsoft’s most advanced kernel protections enabled. The bypass leverages legitimate Windows APIs to manipulate core data structures before integrity checks can detect tampering, circumventing both PatchGuard and Hypervisor-Protected Code…
-
Phishing attackers increasingly rely on email routing gaps
Tags: 2fa, authentication, business, cyberattack, dmarc, dns, email, framework, infrastructure, intelligence, mail, mfa, microsoft, password, phishing, risk, service, spam, threat
Attackers abuse misconfigured policies to make phishing emails look like internal emails, bypass filters and steal credentials. Microsoft's Threat Intelligence team recently observed that attackers are increasingly exploiting complex email routing and misconfigured domain spoofing protections. In doing so, they make their phishing messages appear to come from the targeted organizations themselves. In the…
-
Phishing Attacks Exploit Misconfigured Email Routing Settings to Target Microsoft 365 Users
Misconfigurations abused to make phishing emails look like they come from within the organization First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/phishing-exploits-misconfigured/
-
Microsoft Exchange Online outage blocks access to mailboxes via IMAP4
Microsoft is working to fix an Exchange Online service outage that intermittently prevents users from accessing their mailboxes via the Internet Mailbox Access Protocol 4 (IMAP4). First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-exchange-online-outage-blocks-access-to-mailboxes-via-imap4/
-
Microsoft to enforce MFA for Microsoft 365 admin center sign-ins
Microsoft will start enforcing multi-factor authentication (MFA) for all users accessing the Microsoft 365 admin center starting next month. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-to-enforce-mfa-for-microsoft-365-admin-center-sign-ins/
-
U.S. CISA adds HPE OneView and Microsoft Office PowerPoint flaws to its Known Exploited Vulnerabilities catalog
Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, microsoft, office, vulnerability
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds HPE OneView and Microsoft Office PowerPoint flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added HPE OneView and Microsoft Office PowerPoint flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: CVE-2009-0556 is a memory corruption flaw…
-
BlueDelta Hackers Target Microsoft OWA, Google, and Sophos VPN to Steal Credentials
A sophisticated credential-harvesting operation conducted by BlueDelta, a Russian state-sponsored threat group linked to the GRU’s Main Directorate, targeted critical infrastructure organizations and research institutions throughout 2025, according to a comprehensive investigation by Recorded Future’s Insikt Group. The campaign, spanning February through September 2025, represents a significant evolution in the group’s persistent credential-theft operations, with…
-
CISA Flags Microsoft Office and HPE OneView Bugs as Actively Exploited
Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, injection, kev, microsoft, office, vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added two security flaws impacting Microsoft Office and Hewlett Packard Enterprise (HPE) OneView to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerabilities are listed below: CVE-2009-0556 (CVSS score: 8.8) – A code injection vulnerability in Microsoft Office First seen on thehackernews.com…
-
Phishers Exploit Office 365 Users Who Let Their Guard Down
Microsoft said that Office 365 tenants with weak configurations and who don’t have strict anti-spoofing protection enabled are especially vulnerable. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/phishers-exploit-office-365-users-guard-down
-
Threat Actors Exploit Google Cloud Services to Steal Microsoft 365 Credentials
Tags: cloud, credentials, cyber, cybersecurity, email, exploit, google, infrastructure, malicious, microsoft, phishing, service, threat
A sophisticated phishing campaign is exploiting Google Cloud infrastructure to bypass email security filters and steal Microsoft 365 credentials, demonstrating how attackers increasingly abuse trusted cloud platforms to lend legitimacy to their malicious activities. Cybersecurity researchers at Check Point have uncovered a large-scale operation targeting approximately 3,200 organizations, resulting in over 9,300 phishing emails over…
-
ToddyCat Malware Exploits ProxyLogon to Compromise Microsoft Exchange Servers
ToddyCat, a sophisticated cyber-espionage threat group also known as Websiic and Storm-0247, has emerged as a significant risk to organizations across Europe and Asia. The group’s operations, which began in December 2020 by targeting Microsoft Exchange servers in Taiwan and Vietnam, have since evolved into complex, multi-stage campaigns that leverage advanced evasion techniques and specialized…
-
Classic Outlook bug prevents opening encrypted emails
Microsoft has confirmed a known issue that prevents recipients from opening encrypted emails in classic Outlook. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-classic-outlook-bug-prevents-opening-encrypted-emails/
-
Microsoft scraps Exchange Online spam clamp after customers cry foul
Negative feedback sinks Redmond’s plan to cap outbound email recipients First seen on theregister.com Jump to article: www.theregister.com/2026/01/07/exchange_online_recipient_rate/
-
Microsoft warns of a surge in phishing attacks exploiting email routing gaps
Hardening configurations can help: The disclosure emphasizes that proper configuration of mail authentication mechanisms is the most effective defense against this spoofing vector. Organizations are advised to adopt strict DMARC reject policies and enforce SPF hard fails so that unauthenticated mail claiming to be from their domains is rejected or safely quarantined. Additionally, recommendations include ensuring…

