Tag: microsoft
-
Classic Outlook bug prevents opening encrypted emails
Microsoft has confirmed a known issue that prevents recipients from opening encrypted emails in classic Outlook. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-classic-outlook-bug-prevents-opening-encrypted-emails/
-
Microsoft scraps Exchange Online spam clamp after customers cry foul
Negative feedback sinks Redmond’s plan to cap outbound email recipients First seen on theregister.com Jump to article: www.theregister.com/2026/01/07/exchange_online_recipient_rate/
-
Microsoft warns of a surge in phishing attacks exploiting email routing gaps
Hardening configurations can help: The disclosure emphasizes that proper configuration of mail authentication mechanisms is the most effective defense against this spoofing vector. Organizations are advised to adopt strict DMARC reject policies and enforce SPF hard fails so that unauthenticated mail claiming to be from their domains is rejected or safely quarantined.Additionally, recommendations include ensuring…
-
Microsoft Warns Misconfigured Email Routing Can Enable Internal Domain Phishing
Threat actors engaging in phishing attacks are exploiting routing scenarios and misconfigured spoof protections to impersonate organizations’ domains and distribute emails that appear as if they have been sent internally.”Threat actors have leveraged this vector to deliver a wide variety of phishing messages related to various phishing-as-a-service (PhaaS) platforms such as Tycoon 2FA,” the First…
-
Automated data poisoning proposed as a solution for AI theft threat
Tags: ai, breach, business, cyber, data, encryption, framework, intelligence, LLM, malicious, microsoft, resilience, risk, risk-management, technology, theft, threatKnowledge graphs 101: A bit of background about knowledge graphs: LLMs use a technique called Retrieval-Augmented Generation (RAG) to search for information based on a user query and provide the results as additional reference for the AI system’s answer generation. In 2024, Microsoft introduced GraphRAG to help LLMs answer queries needing information beyond the data on…
-
Microsoft cancels plans to rate limit Exchange Online bulk emails
Microsoft announced today that it has canceled plans to impose a daily limit of 2,000 external recipients on Exchange Online bulk email senders. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-cancels-plans-to-rate-limit-exchange-online-bulk-emails/
-
Microsoft cancels plans to rate limit Exchange Online bulk emails
Microsoft announced today that it has canceled plans to impose a daily limit of 2,000 external recipients on Exchange Online bulk email senders. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-cancels-plans-to-rate-limit-exchange-online-bulk-emails/
-
Copilot, Recall, and Other AI Tools Can Be Removed from Windows 11 with New Tool
A new community tool is giving Windows 11 users far more control over Microsoft’s growing stack of AI features. An open”‘source project called RemoveWindowsAI now lets administrators and power users disable or strip out components such as Copilot, Recall, and other AI integrations that are tightly integrated with the operating system and Microsoft apps. The tool targets…
-
VS Code Forks Recommend Missing Extensions, Creating Supply Chain Risk in Open VSX
Popular artificial intelligence (AI)-powered Microsoft Visual Studio Code (VS Code) forks such as Cursor, Windsurf, Google Antigravity, and Trae have been found to recommend extensions that are non-existent in the Open VSX registry, potentially opening the door to supply chain risks when bad actors publish malicious packages under those names.The problem, according to Koi, is…
-
Are Copilot prompt injection flaws vulnerabilities or AI limits?
Microsoft has pushed back against claims that multiple prompt injection and sandbox-related issues raised by a security engineer in its Copilot AI assistant constitute security vulnerabilities. The development highlights a growing divide between how vendors and researchers define risk in generative AI systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/are-copilot-prompt-injection-flaws-vulnerabilities-or-ai-limits/
-
Windows 11 ohne Cloud-Zwang – Mehr Datenschutz: Windows 11 ohne Microsoft-Konto nutzen
First seen on security-insider.de Jump to article: www.security-insider.de/mehr-datenschutz-windows-11-ohne-microsoft-konto-nutzen-a-83bbe731e453a9198535dd4b6be6025f/
-
Wichtig zu wissen! – Mehr Flexibilität mit Anthropic Claude in Microsoft Copilot
Tags: microsoftFirst seen on security-insider.de Jump to article: www.security-insider.de/microsoft-365-copilot-anthropic-modelle-a-2f462283fc8d33ea9eca8bfc0af6ae26/
-
How Microsoft gave customers what they wanted: An audience with Bill Gates
Tags: microsoftWell kinda… Your call will be transferred to the next available assistant First seen on theregister.com Jump to article: www.theregister.com/2026/01/01/microsofts_approach_to_customer_service/
-
Support-Ende Windows 10, Azure & Co – Diese Produkte mustert Microsoft 2026 aus
First seen on security-insider.de Jump to article: www.security-insider.de/microsoft-support-ende-ausmusterung-2026-windows-office-azure-a-8ea68ba18b8ce897d7e6866f03c0021d/
-
Wie KI die Cybersicherheit neu gestaltet
Tags: ai, ciso, cloud, cyber, cyberattack, cybersecurity, cyersecurity, data, encryption, gartner, governance, group, guide, hacker, incident response, infrastructure, microsoft, phishing, resilience, risk, sans, soc, supply-chain, threat, tool, vulnerability-managementKünstliche Intelligenz und insbesondere Generative KI dringt immer tiefer in die Sicherheitsprozesse vor.Generative KI (GenAI) ist zu einem allgegenwärtigen Werkzeug in Unternehmen geworden. Laut einer Umfrage der Boston Consulting Group nutzen 50 Prozent der Unternehmen die Technologie, um Arbeitsabläufe neu zu gestalten. 77 Prozent der Befragten sind überzeugt, dass KI-Agenten in den nächsten drei bis…
-
Strafanzeige nach digitalem Unterricht – Microsoft 365 Education darf Schüler nicht tracken
Tags: microsoftFirst seen on security-insider.de Jump to article: www.security-insider.de/microsoft-365-education-darf-schueler-nicht-tracken-a-e4a6e8225ef48b90d81c60fef135863d/
-
Microsoft Makes Teams ‘Secure by Default’ Starting January 2026
Microsoft will enable Teams messaging security by default in January 2026, blocking risky files and malicious links to protect against AI-driven threats. The post Microsoft Makes Teams ‘Secure by Default’ Starting January 2026 appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-microsoft-teams-secure-by-default-january-2026/
-
DarkSpectre Browser Extension Campaigns Exposed After Impacting 8.8 Million Users Worldwide
The threat actor behind two malicious browser extension campaigns, ShadyPanda and GhostPoster, has been attributed to a third attack campaign codenamed DarkSpectre that has impacted 2.2 million users of Google Chrome, Microsoft Edge, and Mozilla Firefox.The activity is assessed to be the work of a Chinese threat actor that Koi Security is tracking under the…
-
Hackers Abuse Copilot Studio’s New Connected Agents Feature to Plant Backdoors
Microsoft’s latest innovation may have opened the door to sophisticated cyberattacks. At Build 2025, the company introduced >>Connected Agents,
-
Zoom Stealer browser extensions harvest corporate meeting intelligence
A newly discovered campaign, which researchers call Zoom Stealer, is affecting 2.2 million Chrome, Firefox, and Microsoft Edge users through 18 extensions that collect online meeting-related data like URLs, IDs, topics, descriptions, and embedded passwords. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/zoom-stealer-browser-extensions-harvest-corporate-meeting-intelligence/
-
HoneyMyte (aka Mustang Panda) Deploys ToneShell Backdoor in New Attacks
HoneyMyte (Mustang Panda) is back with a new ToneShell backdoor. Read how this stealthy attack blinds Microsoft Defender to target government entities in Asia. First seen on hackread.com Jump to article: hackread.com/honeymyte-mustang-panda-toneshell-backdoor/
-
HoneyMyte (aka Mustang Panda) Deploys ToneShell Backdoor in New Attacks
HoneyMyte (Mustang Panda) is back with a new ToneShell backdoor. Read how this stealthy attack blinds Microsoft Defender to target government entities in Asia. First seen on hackread.com Jump to article: hackread.com/honeymyte-mustang-panda-toneshell-backdoor/
-
Microsoft Copilot is rolling out GPT 5.2 as “Smart Plus” mode
Microsoft is rolling out GPT 5.2 to Copilot on the web, Windows, and mobile as a free upgrade, and it’ll coexist with the GPT 5.1 model. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-copilot-is-rolling-out-gpt-52-as-smart-plus-mode/
-
Microsoft Copilot is rolling out GPT 5.2 as “Smart Plus” mode
Microsoft is rolling out GPT 5.2 to Copilot on the web, Windows, and mobile as a free upgrade, and it’ll coexist with the GPT 5.1 model. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-copilot-is-rolling-out-gpt-52-as-smart-plus-mode/
-
Top 5 real-world AI security threats revealed in 2025
Tags: access, ai, api, attack, breach, chatgpt, cloud, control, credentials, cybercrime, data, data-breach, defense, email, exploit, flaw, framework, github, gitlab, google, injection, least-privilege, LLM, malicious, malware, microsoft, nvidia, open-source, openai, rce, remote-code-execution, risk, service, software, supply-chain, theft, threat, tool, vulnerabilityA critical remote code execution (RCE) in open-source AI agent framework Langflow that was also exploited in the wildAn RCE flaw in OpenAI’s Codex CLIVulnerabilities in NVIDIA Triton Inference ServerRCE vulnerabilities in major AI inference server frameworks, including those from Meta, Nvidia, Microsoft, and open-source projects such as vLLM and SGLangVulnerabilities in open-source compute framework…
-
MAS: Malware durch Rechtschreibfehler bei Windows-Hack
Über die Microsoft Activation Scripts (MAS) lässt sich Windows ohne Lizenz aktivieren. Ein Tippfehler bei der Domain liefert allerdings Schadsoftware. First seen on golem.de Jump to article: www.golem.de/news/mas-malware-durch-rechtschreibfehler-bei-windows-hack-2512-203619.html
-
TDL 012 – The Architect of the Internet on the Future of Trust
Summary In this episode of The Defenders Log, Paul Mockapetris, the architect of DNS, discusses the evolving role of the Domain Name System from a simple directory to a sophisticated security tool. He posits that modern networking requires “making sure DNS doesn’t work when you don’t want it to,” comparing DNS filtering to essential services…
-
Fake MAS Windows activation domain used to spread PowerShell malware
A typosquatted domain impersonating the Microsoft Activation Scripts (MAS) tool was used to distribute malicious PowerShell scripts that infect Windows systems with the ‘Cosmali Loader’. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fake-mas-windows-activation-domain-used-to-spread-powershell-malware/
-
Microsoft Teams to let admins block external users via Defender portal
Tags: microsoftMicrosoft announced that security administrators will soon be able to block external users from sending messages, calls, or meeting invitations to members of their organization via Teams. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-teams-to-let-admins-block-external-users-via-defender-portal/