Tag: microsoft
-
HoneyMyte (aka Mustang Panda) Deploys ToneShell Backdoor in New Attacks
HoneyMyte (Mustang Panda) is back with a new ToneShell backdoor. Read how this stealthy attack blinds Microsoft Defender to target government entities in Asia. First seen on hackread.com Jump to article: hackread.com/honeymyte-mustang-panda-toneshell-backdoor/
-
Microsoft Copilot is rolling out GPT 5.2 as “Smart Plus” mode
Microsoft is rolling out GPT 5.2 to Copilot on the web, Windows, and mobile as a free upgrade, and it’ll coexist with the GPT 5.1 model. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-copilot-is-rolling-out-gpt-52-as-smart-plus-mode/
-
Top 5 real-world AI security threats revealed in 2025
Tags: access, ai, api, attack, breach, chatgpt, cloud, control, credentials, cybercrime, data, data-breach, defense, email, exploit, flaw, framework, github, gitlab, google, injection, least-privilege, LLM, malicious, malware, microsoft, nvidia, open-source, openai, rce, remote-code-execution, risk, service, software, supply-chain, theft, threat, tool, vulnerability
A critical remote code execution (RCE) in open-source AI agent framework Langflow that was also exploited in the wild
An RCE flaw in OpenAI’s Codex CLI
Vulnerabilities in NVIDIA Triton Inference Server
RCE vulnerabilities in major AI inference server frameworks, including those from Meta, Nvidia, Microsoft, and open-source projects such as vLLM and SGLang
Vulnerabilities in open-source compute framework…
-
MAS: Malware via typo in Windows hack
The Microsoft Activation Scripts (MAS) can be used to activate Windows without a license. A typo in the domain, however, delivers malware. First seen on golem.de Jump to article: www.golem.de/news/mas-malware-durch-rechtschreibfehler-bei-windows-hack-2512-203619.html
-
TDL 012 – The Architect of the Internet on the Future of Trust
Summary: In this episode of The Defenders Log, Paul Mockapetris, the architect of DNS, discusses the evolving role of the Domain Name System from a simple directory to a sophisticated security tool. He posits that modern networking requires “making sure DNS doesn’t work when you don’t want it to,” comparing DNS filtering to essential services…
-
Fake MAS Windows activation domain used to spread PowerShell malware
A typosquatted domain impersonating the Microsoft Activation Scripts (MAS) tool was used to distribute malicious PowerShell scripts that infect Windows systems with the ‘Cosmali Loader’. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fake-mas-windows-activation-domain-used-to-spread-powershell-malware/
-
Microsoft Teams to let admins block external users via Defender portal
Tags: microsoft
Microsoft announced that security administrators will soon be able to block external users from sending messages, calls, or meeting invitations to members of their organization via Teams. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-teams-to-let-admins-block-external-users-via-defender-portal/
-
Microsoft Enhances BitLocker with Hardware Acceleration Support
Microsoft has officially announced a major upgrade to its encryption technology with the introduction of hardware-accelerated BitLocker. Revealed by Microsoft’s Rafal Sosnowski following the Ignite conference, this new feature is designed to solve performance bottlenecks that have plagued high-speed storage drives, ensuring that users no longer have to choose between robust security and system speed.…
-
Israeli Organizations Targeted by AV-Themed Malicious Word and PDF Files
SEQRITE Labs’ Advanced Persistent Threat (APT) Team has uncovered a sophisticated campaign targeting Israeli organizations through weaponized Microsoft Word and PDF documents disguised as legitimate antivirus software. The operation, tracked as UNG0801 or “Operation IconCat,”
-
Microsoft rolls out hardware-accelerated BitLocker in Windows 11
Microsoft is rolling out hardware-accelerated BitLocker in Windows 11 to address growing performance and security concerns by leveraging the capabilities of system-on-a-chip and CPU. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/microsoft-rolls-out-hardware-accelerated-bitlocker-in-windows-11/
-
Interpol sweep takes down cybercrooks in 19 countries
Tags: access, antivirus, attack, botnet, business, china, cyber, cyberattack, cybercrime, cybersecurity, data, defense, email, encryption, finance, fraud, group, incident response, infrastructure, intelligence, international, interpol, law, malicious, malware, microsoft, ransomware, russia, scam, service, theft, threat
A ‘very good thing’: The fact that the same operation broke ransomware operations and a business email compromise (BEC) operation is “unique,” said DiMaggio, because most people think of Africa as the source of BEC and fraud scams. The fact that authorities are working to disrupt ransomware operations in Africa before they grow to the size…
-
Microsoft wants to replace its entire C and C++ codebase, perhaps by 2030
Plans move to Rust, with help from AI First seen on theregister.com Jump to article: www.theregister.com/2025/12/24/microsoft_rust_codebase_migration/
-
Microsoft rushes an out-of-band update for Message Queuing bug
Redmond gets in early for the twelve whoopsies of Christmas First seen on theregister.com Jump to article: www.theregister.com/2025/12/23/microsoft_fixes_message_queuing_issue/
-
Best of 2025: Microsoft’s January 2025 Patch Tuesday Addresses 157 CVEs (CVE-2025-21333, CVE-2025-21334, CVE-2025-21335)
10 Critical, 147 Important, 0 Moderate, 0 Low. Microsoft addresses 157 CVEs in the first Patch Tuesday release of 2025 and the largest Patch Tuesday update ever with three CVEs exploited in the wild, and five CVEs publicly disclosed prior to patches being made available. Microsoft patched 157 CVEs in its January 2025 Patch Tuesday release, with 10 rated…
-
Microsoft Teams strengthens messaging security by default in January
Microsoft Teams will automatically enable messaging safety features by default in January to strengthen defenses against content tagged as malicious. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-teams-strengthens-messaging-security-by-default-in-january/
-
New wave of attacks on Microsoft 365 accounts
Security researchers at Proofpoint warn of a marked increase in phishing campaigns that abuse Microsoft's legitimate device authorization process. Since September 2025, the experts have observed large-scale account takeover attacks. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/angriffswelle-auf-microsoft-365
-
Windows denial-of-service vulnerabilities – 0patch closes RasMan crash flaw before Microsoft
First seen on security-insider.de Jump to article: www.security-insider.de/windows-rasman-dos-0patch-micropatch-a-a7bfa24afde773245a9432273de24759/
-
Microsoft Brokering File System Vulnerability Enables Local Privilege Escalation
Microsoft has addressed a critical use-after-free vulnerability in its Brokering File System (BFS) driver that could allow attackers to escalate privileges on Windows systems. Tracked as CVE-2025-29970, the security flaw affects the bfs.sys component and was discovered by security researchers at HT3Labs. Vulnerability Overview: The Brokering File System, introduced alongside Windows’ Win32 App Isolation feature…
-
SideWinder APT Launches Cyberattacks on Indian Entities Posing as the Income Tax Department
Zscaler Threat Hunting has identified a sophisticated espionage campaign targeting Indian entities through fraudulent “Income Tax Department”
-
Trusting the cloud is not enough – Seven reasons why companies need Microsoft 365 backups
First seen on security-insider.de Jump to article: www.security-insider.de/sieben-gruende-warum-unternehmen-microsoft-365-backups-brauchen-a-6f44269b3effe6d09a2d568e060c47d2/
-
Dates – That was Microsoft Patchday 2025
Tags: microsoft
First seen on security-insider.de Jump to article: www.security-insider.de/microsoft-patchday-2025-patch-tuesday-a-12587d100d02b61d2169217bdfbcc38b/
-
Podcast: The IT tops and flops of 2025
Tags: ai, cio, jobs, malware, microsoft, nis-2, open-source, ransomware, software, vulnerability-management
The editorial teams of Computerwoche, CIO and CSO see the IT year 2025 drawing to a close with mixed feelings. A turbulent 2025 is coming to an end. It was marked by economic uncertainty, geopolitical tensions and the unchecked triumph of artificial intelligence. Reason enough for the editorial teams of Computerwoche, CIO and CSO, in the last TechTalk podcast episode of the…
-
Microsoft Teams Outage Causes Global Messaging Delays and Service Interruptions
Microsoft Teams users worldwide experienced significant service disruptions on December 20, 2025, as the collaboration platform encountered widespread issues affecting messaging functionality and other critical service operations. The company has acknowledged the incident and is actively investigating the root cause. According to Microsoft 365 Status updates, users reported experiencing delays in message delivery and problems…
-
Surge of OAuth Device Code Phishing Attacks Targets M365 Accounts
Financially motivated and nation-state threat groups are behind a surge in the use of device code phishing attacks that abuse Microsoft’s legitimate OAuth 2.0 device authorization grant flow to trick users into giving them access to their M365 accounts, Proofpoint researchers say. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/surge-of-oauth-device-code-phishing-attacks-targets-m365-accounts/
-
Cloud Atlas Exploits Office Vulnerabilities to Execute Malicious Code
The Cloud Atlas threat group, active since 2014, continues to pose a significant risk to organizations in Eastern Europe and Central Asia through sophisticated attacks leveraging legacy Microsoft Office vulnerabilities. Security researchers have documented the group’s expanded arsenal and evolving infection chains deployed throughout the first half of 2025, revealing previously undescribed implants and attack…
-
Microsoft confirms Teams is down and messages are delayed
Tags: microsoft
Microsoft Teams is experiencing issues, with thousands reporting problems sending messages, including delays. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-confirms-teams-is-down-and-messages-are-delayed/

