Tag: microsoft
-
TDL 019 – The Psychology Behind a Cyber Breach and the Leaders Who Survive It – Nim Nadarajah
Tags: access, ai, apple, automation, breach, business, cctv, ceo, cio, ciso, cloud, computing, conference, control, corporate, crowdstrike, cve, cyber, cyberattack, cybersecurity, data, dns, edr, email, finance, firewall, governance, group, healthcare, incident, incident response, infrastructure, injection, insurance, Internet, jobs, law, LLM, metric, microsoft, msp, network, office, powershell, privacy, programming, psychology, risk, saas, service, siem, soar, soc, software, startup, strategy, supply-chain, switch, technology, threat, tool, training, usa, vulnerability, windows, zero-trustLeading Through the Cyber Abyss In Episode 019 of The Defender’s Log, host David Redekop sits down with Nim Nadarajah, CISO and Managing Partner of Critical Matrix, to explore the evolving landscape of cybersecurity leadership. From the “annual pilgrimage” of RSAC 2026 to the front lines of incident response, the conversation shifts from technical bits…
-
TDL 019 – The Psychology Behind a Cyber Breach and the Leaders Who Survive It – Nim Nadarajah
Tags: access, ai, apple, automation, breach, business, cctv, ceo, cio, ciso, cloud, computing, conference, control, corporate, crowdstrike, cve, cyber, cyberattack, cybersecurity, data, dns, edr, email, finance, firewall, governance, group, healthcare, incident, incident response, infrastructure, injection, insurance, Internet, jobs, law, LLM, metric, microsoft, msp, network, office, powershell, privacy, programming, psychology, risk, saas, service, siem, soar, soc, software, startup, strategy, supply-chain, switch, technology, threat, tool, training, usa, vulnerability, windows, zero-trustLeading Through the Cyber Abyss In Episode 019 of The Defender’s Log, host David Redekop sits down with Nim Nadarajah, CISO and Managing Partner of Critical Matrix, to explore the evolving landscape of cybersecurity leadership. From the “annual pilgrimage” of RSAC 2026 to the front lines of incident response, the conversation shifts from technical bits…
-
Storm-2755 Uses AiTM Hijacking to Divert Employee Salaries
Hackers are abusing adversary-in-the-middle (AiTM) session hijacking to steal employee salaries in a new “payroll pirate” campaign tracked by Microsoft as Storm-2755 and targeting Canadian users. By hijacking live Microsoft 365 sessions, the group redirects payroll deposits to attacker-controlled bank accounts while bypassing multifactor authentication (MFA) and blending in with normal user activity. The group’s…
-
Canadian employees targeted in payroll pirate attacks
A financially motivated threat actor tracked as Storm-2755 is stealing Canadian employees’ salary payments after hijacking their accounts in payroll pirate attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-canadian-employees-targeted-in-payroll-pirate-attacks/
-
EngageLab SDK flaw opens door to private data on 50M Android devices
A flaw in EngageLab SDK exposed up to 50M Android users, including 30M crypto wallets, letting apps bypass security and access private data. Microsoft researchers found a critical flaw in EngageSDK that lets apps bypass Android sandbox protections and access private data. The flaw put millions of users, including over 30M crypto wallet installs, at…
-
Microsoft Recall Flaw Exposes Decrypted User Data, Researchers Find
When Microsoft reintroduced its redesigned Recall feature, security took center stage. The architecture was built around hardened components, including Virtualization-Based Security (VBS) enclaves, AES-256-GCM encryption, Windows Hello authentication, and a Protected Process Light (PPL) host. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/totalrecall-windows-recall-security-gap/
-
Microsoft Recall Flaw Exposes Decrypted User Data, Researchers Find
When Microsoft reintroduced its redesigned Recall feature, security took center stage. The architecture was built around hardened components, including Virtualization-Based Security (VBS) enclaves, AES-256-GCM encryption, Windows Hello authentication, and a Protected Process Light (PPL) host. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/totalrecall-windows-recall-security-gap/
-
New VENOM phishing attacks steal senior executives’ Microsoft logins
Threat actors using a previously undocumented phishing-as-a-service (PhaaS) platform called “VENOM” are targeting credentials of C-suite executives across multiple industries. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-venom-phishing-attacks-steal-senior-executives-microsoft-logins/
-
‘BlueHammer’ Windows Zero-Day Exploit Signals Microsoft Bug Disclosure Issues
Under the alias ‘Chaotic Eclipse,’ a researcher released a PoC exploit for a zero-day flaw that allows for system takeover by a local user, citing an undisclosed beef with Microsoft. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/bluehammer-windows-exploit-microsoft-bug-disclosure-issues
-
Microsoft locks out VeraCrypt and WireGuard devs, blames verification process
No emails, no warnings, no humans just bots, catch-22s, and a 60-day appeals queue First seen on theregister.com Jump to article: www.theregister.com/2026/04/09/microsoft_dev_account_deactivations/
-
On Microsoft’s Lousy Cloud Security
ProPublica has a scoop: In late 2024, the federal government’s cybersecurity evaluators rendered a troubling verdict on one of Microsoft’s biggest cloud computing offerings. The tech giant’s “lack of proper detailed security documentation” left reviewers with a “lack of confidence in assessing the system’s overall security posture,” according to an internal government report reviewed by…
-
On Microsoft’s Lousy Cloud Security
ProPublica has a scoop: In late 2024, the federal government’s cybersecurity evaluators rendered a troubling verdict on one of Microsoft’s biggest cloud computing offerings. The tech giant’s “lack of proper detailed security documentation” left reviewers with a “lack of confidence in assessing the system’s overall security posture,” according to an internal government report reviewed by…
-
New Phishing Campaign Exploits Google Storage to Deliver Remcos RAT
A recently observed phishing campaign is abusing Google Cloud Storage to deliver the Remcos remote access trojan (RAT), relying on trusted Google infrastructure and a signed Microsoft binary to evade traditional defenses. Attackers host a fake Google Drive login page on the legitimate domain storage.googleapis.com, making the URL appear trustworthy to both users and security…
-
This fake Windows support website delivers password-stealing malware
A convincing Microsoft lookalike tricks users into downloading malware that steals passwords, payments, and account access. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/this-fake-windows-support-website-delivers-password-stealing-malware/
-
Microsoft Details How Defender Protects High-Value Assets in Real-World Attacks
Microsoft has significantly upgraded its Defender platform to automatically detect and block sophisticated cyberattacks targeting High-Value Assets (HVAs) like domain controllers and web servers. By leveraging the new Microsoft Security Exposure Management tool, the system now uses context-aware intelligence to easily distinguish normal administrative tasks from malicious activities on critical network infrastructure. As cyberattacks become…
-
Nicht nur Veracrypt: Auch VPN-Entwickler von Microsoft ausgesperrt
Die Entwickler von Veracrypt, Wireguard und Windscribe können wegen gesperrter Microsoft-Accounts keine Updates bereitstellen. Microsoft reagiert. First seen on golem.de Jump to article: www.golem.de/news/nicht-nur-veracrypt-auch-vpn-entwickler-von-microsoft-ausgesperrt-2604-207360.html
-
TechTalk: »Unsere IT-Forensiker erkennen regelmäßig neue E-Mail-Angriffsvektoren«
Wieder einmal durften wir mit Hornetsecurity ein Videointerview aufzeichnen. Dieses Mal führte uns unserer Weg auf dem CloudFest 2026 an den Stand des Sicherheitsanbieters, wo Svenja Conrad auf unsere Fragen die passenden Antworten hatte. So wollten wir wissen, was die Standbesucher:innen am meisten interessiert hat, welche Bedrohungen Hornetsecurity derzeit im Microsoft 365-Umfeld wahrnimmt und welchen Tipp…
-
TechTalk: »Unsere IT-Forensiker erkennen regelmäßig neue E-Mail-Angriffsvektoren«
Wieder einmal durften wir mit Hornetsecurity ein Videointerview aufzeichnen. Dieses Mal führte uns unserer Weg auf dem CloudFest 2026 an den Stand des Sicherheitsanbieters, wo Svenja Conrad auf unsere Fragen die passenden Antworten hatte. So wollten wir wissen, was die Standbesucher:innen am meisten interessiert hat, welche Bedrohungen Hornetsecurity derzeit im Microsoft 365-Umfeld wahrnimmt und welchen Tipp…
-
Microsoft suspends dev accounts for high-profile open source projects
Microsoft has suspended developer accounts used to maintain multiple high-profile open-source projects without proper notification and no way to quickly reinstate them, effectively blocking them from publishing new software builds and security patches for Windows users. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-suspends-dev-accounts-for-high-profile-open-source-projects/
-
Palo Alto Cortex XSOAR Flaw in Microsoft Teams Integration Lets Attackers Access Data
Palo Alto Networks has released a high-priority security update to address a serious vulnerability in its Cortex XSOAR and Cortex XSIAM platforms. Tracked as CVE-2026-0234, this security flaw exists within the Microsoft Teams integration. If successfully exploited, it allows an unauthenticated attacker to access and modify protected resources, prompting the vendor to assign the patch…
-
Microsoft Confirms Windows 11 Update Breaks Start Menu Search
Microsoft recently addressed a disruptive server-side flaw that completely disabled Start Menu search functionality for some Windows 11 23H2 users. The tech giant quickly acknowledged the incident and deployed an automatic fix behind the scenes. Because the repair happens directly on Microsoft’s servers, users do not need to search for or install any additional software…
-
WireGuard VPN developer can’t ship software updates after Microsoft locks account
The popular open source VPN maker is the second high-profile developer to say Microsoft locked his account without notifying him and are blocking their ability to send software updates to users. First seen on techcrunch.com Jump to article: techcrunch.com/2026/04/08/wireguard-vpn-developer-cant-ship-software-updates-after-microsoft-locks-account/
-
Developer of VeraCrypt encryption software says Windows users may face boot-up issues after Microsoft locked his account
The maker of the popular open-source file encryption software VeraCrypt said Microsoft locked his online account, which may prevent device owners from booting up their computers. First seen on techcrunch.com Jump to article: techcrunch.com/2026/04/08/veracrypt-encryption-software-windows-microsoft-lock-boot-issues/
-
Russian hacking group targets home and small office routers to spy on users
The FBI, NCSC, and Microsoft warn of an ongoing Russian campaign hijacking DNS settings on home and small office routers to spy on users. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/russian-hacking-group-targets-home-and-small-office-routers-to-spy-on-users/
-
AI Security Risks: How Enterprises Manage LLM, Shadow AI and Agentic Threats FireTail Blog
Tags: access, ai, api, attack, breach, business, ciso, cloud, compliance, conference, control, cybersecurity, data, data-breach, detection, email, endpoint, exploit, finance, framework, gartner, GDPR, governance, guide, infrastructure, injection, LLM, malicious, microsoft, monitoring, network, nvidia, office, regulation, risk, saas, software, threat, tool, training, vulnerabilityApr 08, 2026 – – Quick Facts: Enterprise AI Security Most enterprises are running AI at scale before their security teams have visibility into it. Shadow AI (unsanctioned AI tools spreading department by department) is now the most common entry point for data leakage. Agentic AI introduces a new category of risk: autonomous systems that…
-
Storm-1175 Deploys Medusa Ransomware Within 24 Hours of Flaw Disclosure
Microsoft researchers have uncovered a fast-moving group, Storm-1175, launching high-speed Medusa ransomware attacks against healthcare and education sectors in the UK, US, and Australia by exploiting security flaws in as little as 24 hours. First seen on hackread.com Jump to article: hackread.com/storm-1175-hackers-24-hour-medusa-ransomware-flaw/
-
Russian Forest Blizzard Hackers Hijack Home Routers for Global Spying
Microsoft Threat Intelligence reveals how Russian hacking group Forest Blizzard uses home routers for DNS hijacking and spying. First seen on hackread.com Jump to article: hackread.com/russian-forest-blizzard-hackers-hijack-home-routers/