Tag: microsoft
-
Bubble AI app builder abused to steal Microsoft account credentials
Threat actors are evading phishing detection in campaigns targeting Microsoft accounts by abusing the no-code app-building platform Bubble to generate and host malicious web apps. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/bubble-ai-app-builder-abused-to-steal-microsoft-account-credentials/
-
AI Has Created a New Attack Surface and Encryption Is Not Enough
Tags: access, ai, attack, ciso, cryptography, cybersecurity, data, data-breach, defense, encryption, endpoint, exploit, framework, injection, intelligence, leak, LLM, microsoft, mitigation, network, risk, service, side-channel, sql, training, vulnerability
Executive Insight: For decades, enterprises relied on strong encryption to protect sensitive data in transit, and encryption used to be the end of the conversation. If an organization could say “we use TLS 1.3 and modern cipher suites,” that was enough to reassure boards, regulators, and customers that data in transit was…
-
Emergency Microsoft, Oracle patches point to wider cyber issues
Emergency out-of-band patches from Microsoft and Oracle signal underlying security issues around update cycles and patching, and identity security and zero-trust, says the community. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366640648/Emergency-Microsoft-Oracle-patches-point-to-wider-cyber-issues
-
Meet Khaled Mohamed: the bug hunter who found a Microsoft flaw
We talked to Khaled Mohamed on going from script kiddie to bug bounty hunter, and the moment he uncovered a flaw in Microsoft Authenticator. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/meet-khaled-mohamed-the-bug-hunter-who-found-a-microsoft-flaw/
-
Device Code Phishing Hits 340+ Microsoft 365 Orgs Across Five Countries via OAuth Abuse
Cybersecurity researchers are calling attention to an active device code phishing campaign that’s targeting Microsoft 365 identities across more than 340 organizations in the U.S., Canada, Australia, New Zealand, and Germany. The activity, per Huntress, was first spotted on February 19, 2026, with subsequent cases appearing at an accelerated pace since then. Notably, the campaign leverages…
-
Microsoft hands Entra ID users new option for MFA
Organizations rely on MFA to enforce identity checks before granting access to systems and services. Microsoft has made external MFA generally available in Microsoft Entra ID, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/25/microsoft-entra-id-external-mfa/
-
Microsoft outlines agentic AI security strategy with new Defender, Entra and Purview capabilities
First seen on thesecurityblogger.com Jump to article: www.thesecurityblogger.com/microsoft-outlines-agentic-ai-security-strategy-with-new-defender-entra-and-purview-capabilities/
-
Microsoft fixes bug causing Classic Outlook sync issues with Gmail
Microsoft has fixed a known issue causing Gmail and Yahoo email synchronization and connection problems for classic Outlook users. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-fixes-bug-causing-outlook-sync-issues-for-gmail-users/
-
Huntress Brings ITDR to Google Workspace as Identity Attacks Surge
Huntress has announced it is extending its Managed Identity Threat Detection and Response (ITDR) solution to Google Workspace, marking a significant expansion of the company’s cloud identity security coverage and coming at a telling moment. The announcement, made today at RSA Conference in San Francisco, coincides with Huntress surpassing 10 million Microsoft 365 identities protected…
-
Microsoft Proposes Better Identity, Guardrails for AI Agents
Companies need better controls to manage key threats rising from the growth of agentic AI. These new features provide a starting point. First seen on darkreading.com Jump to article: www.darkreading.com/identity-access-management-security/microsoft-proposes-better-identity-guardrails-ai-agents
-
When Chat Becomes an Attack Surface: KnowBe4 Responds with Phish Alert Button
With the integration of the Phish Alert Button into Microsoft Teams, KnowBe4 is responding to precisely this development. The idea behind it is as simple as it is effective. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/wenn-der-chat-zur-angriffsflaeche-wird-knowbe4-reagiert-mit-phish-alert-button/a44292/
-
IIS Without Support: Hundreds of Thousands of Vulnerable Microsoft Servers Online
More than half a million IIS web servers reachable online have reached end-of-life status. Some of them are located in Germany as well. First seen on golem.de Jump to article: www.golem.de/news/iis-ohne-support-hunderttausende-angreifbare-microsoft-server-im-netz-2603-206863.html
-
Report Button for Phishing in Microsoft Teams
KnowBe4 is introducing its “Phish Alert Button” on Microsoft Teams. This represents a significant milestone for security in collaboration within Teams. The same one-click incident response functions that were previously available exclusively for email can now be integrated directly into the collaboration platform in which employees communicate and interact daily. “Cybercriminals do not target…
-
Microsoft details AI prompt abuse techniques targeting AI assistants
Prompt abuse occurs when crafted inputs manipulate an AI system into producing unintended behavior, such as attempting to access sensitive information or overriding built-in … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/24/microsoft-ai-prompt-abuse-detection/
-
CVE-2026-20963: SharePoint Deserialization Remote Code Execution Vulnerability
Microsoft SharePoint, a core platform for enterprise collaboration, is facing active exploitation through a newly confirmed vulnerability, tracked as CVE-2026-20963. Rooted in unsafe deserialization of user-controlled data, this vulnerability allows remote. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/cve-2026-20963-sharepoint-deserialization-remote-code-execution-vulnerability/
-
Threat Actors Target MS-SQL Servers to Deploy ICE Cloud Scanner Malware
Threat actors are continuing to aggressively target Microsoft SQL (MS-SQL) servers in 2026, with new evidence showing the deployment of a scanner malware known as ICE Cloud Client. Larva-26002 has maintained a consistent focus on poorly secured MS-SQL servers exposed to the internet. These systems are typically compromised through brute-force or dictionary attacks using weak…
-
North Korea-linked threat actors abuse VS Code auto-run to spread StoatWaffle malware
North Korea-linked threat actors use VS Code auto-run tasks to spread StoatWaffle malware via malicious projects that execute on folder open. North Korea-linked threat actor Team 8 behind the Contagious Interview campaign is spreading StoatWaffle malware through malicious Microsoft Visual Studio Code projects. Since late 2025, they have abused the “tasks.json” auto-run feature in Microsoft…
-
Microsoft Unveils New GenAI Security Protections in Azure AI Foundry
Microsoft has outlined a new set of security safeguards designed to protect generative AI models hosted on Azure AI Foundry, as organizations increasingly adopt advanced AI systems into critical workflows. The move comes amid rapid growth in generative AI capabilities, where new models are released frequently, raising concerns about trust, data security, and supply chain…
-
Expel Launches Managed SIEM to Take Detection Engineering Off Security Teams’ Plates
Expel launched Managed SIEM on Monday at RSAC 2026, a co-managed service that puts the company’s detection engineers directly inside customers’ Microsoft Sentinel and Splunk Enterprise Security environments. The service is designed to address what Expel calls a fundamental mismatch between what SIEMs promise and what security teams actually end up spending time on. Most…
-
CrowdStrike Adds Microsoft Defender Support to Falcon Next-Gen SIEM at RSAC 2026
CrowdStrike used RSAC 2026 to push Falcon Next-Gen SIEM deeper into Microsoft-centric environments, announcing that the platform can now ingest and correlate Microsoft Defender for Endpoint telemetry without requiring organizations to deploy additional sensors. The move significantly broadens who can adopt Falcon Next-Gen SIEM without committing to a full endpoint stack migration. Alongside the Defender…
-
North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware
The North Korean threat actors behind the Contagious Interview campaign, also tracked as WaterPlum, have been attributed to a malware family tracked as StoatWaffle that’s distributed via malicious Microsoft Visual Studio Code (VS Code) projects. The use of VS Code “tasks.json” to distribute malware is a relatively new tactic adopted by the threat actor since December…
-
Windows 11 Patch Triggers Sign-In Failures Across Microsoft Apps
A Windows 11 security update triggered Microsoft app sign-in failures, prompting an emergency patch and a manual workaround for affected users. The post Windows 11 Patch Triggers Sign-In Failures Across Microsoft Apps appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-windows-11-update-login-error-march-2026/
-
5 Big CrowdStrike Launches For Next-Gen SIEM, AI Security
CrowdStrike is doubling down on support for Microsoft security tools with a major update to its Falcon Next-Gen SIEM platform, along with launching enhanced new AI security capabilities, the cybersecurity giant announced Monday. First seen on crn.com Jump to article: www.crn.com/news/security/2026/5-big-crowdstrike-launches-for-next-gen-siem-ai-security
-
Microsoft Exchange Online service change causes email access issues
Microsoft is working to address an ongoing service issue that has intermittently prevented some users from accessing their cloud-based Exchange Online mailboxes via Outlook mobile and Mac desktop clients since Thursday. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/new-exchange-online-virtual-account-blocks-email-access-via-mobile-mac-apps/
-
Microsoft Warns IRS Phishing Hits 29,000 Users, Deploys RMM Malware
Microsoft has warned of fresh campaigns that are capitalizing on the upcoming tax season in the U.S. to harvest credentials and deliver malware. The email campaigns take advantage of the urgency and time-sensitive nature of emails to send phishing messages masquerading as refund notices, payroll forms, filing reminders, and requests from tax professionals to deceive recipients…
-
Microsoft fixes broken Windows update days after vowing fewer broken updates
The era of reliability begins… right after this out-of-band patch First seen on theregister.com Jump to article: www.theregister.com/2026/03/23/emergency_fix_windows_11/
-
511,000+ End-of-Life IIS Instances Found Online, Raising Security Risks
Security researchers at The Shadowserver Foundation have identified a massive internet-facing attack surface, discovering more than 511,000 End-of-Life Microsoft Internet Information Services (IIS) instances currently active online. This widespread deployment of outdated web servers presents a significant security risk to global networks, as these systems no longer receive standard security updates from the vendor. 511,000+…

