Tag: microsoft
-
New Microsoft Defender Update Issued for Windows 11, Windows 10, and Server Images
Microsoft has rolled out a fresh security intelligence update for Microsoft Defender Antivirus to help secure Windows 11, Windows 10, and Windows Server images. Released on April 7, 2026, this update equips endpoints with the latest threat detection logic and AI-enhanced cloud protection to defend against emerging malware campaigns. Keeping antimalware solutions up to date…
-
Microsoft Warns Storm-1175 Exploiting Web-Facing Vulnerabilities to Deploy Medusa Ransomware
Microsoft is warning that a fast-moving threat actor it tracks as Storm-1175 is aggressively exploiting vulnerabilities in internet-exposed systems to deliver Medusa ransomware in days and sometimes in under 24 hours. Storm-1175 is a financially motivated group known for high-velocity ransomware operations that weaponize recently disclosed, or “N-day”, vulnerabilities in web-facing services. The actor focuses…
-
How Mimecast brings enterprise-grade email protection to API deployment
In this Help Net Security video, Andrew Williams, Senior Product Manager at Mimecast, walks through the company’s API-based email security protection for Microsoft 365 … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/07/mimecast-api-email-security-protection-video/
-
Windows Defender 0-Day Published Online, Giving Attackers Potential Full Access
A newly discovered zero-day vulnerability, dubbed “BlueHammer,” has been publicly disclosed. The flaw, which has been linked to Windows Defender, allows attackers to achieve Local Privilege Escalation (LPE) and potentially gain full administrative access to compromised systems. Because a patch is not yet available from Microsoft, this public release leaves Windows users temporarily exposed to…
-
Medusa ransomware group using zero-days to launch attacks within 24 hours of breach, Microsoft says
Microsoft said it has been alarmed to see how effective Medusa actors are, citing multiple cases where the group can move from initial access to data exfiltration and ransomware deployment within 24 hours. First seen on therecord.media Jump to article: therecord.media/medusa-ransomware-group-zero-days-microsoft
-
Disgruntled researcher leaks “BlueHammer” Windows zero-day exploit
Exploit code has been released for an unpatched Windows privilege escalation flaw reported privately to Microsoft, allowing attackers to gain SYSTEM or elevated administrator permissions. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/disgruntled-researcher-leaks-bluehammer-windows-zero-day-exploit/
-
Microsoft fixes Classic Outlook bug causing email delivery issues
Microsoft has resolved a known issue that was preventing some Classic Outlook users from sending emails via Outlook.com. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-fixes-classic-outlook-bug-causing-email-delivery-issues/
-
Iran-Linked Password-Spraying Campaign Targets 300+ Israeli Microsoft 365 Organizations
An Iran-nexus threat actor is suspected to be behind a password-spraying campaign targeting Microsoft 365 environments in Israel and the U.A.E. amid ongoing conflict in the Middle East. The activity, assessed to be ongoing, was carried out in three distinct attack waves that took place on March 3, March 13, and March 23, 2026, per Check…
-
Big tech vows to continue CSAM scanning in Europe despite expiration of law allowing it
Microsoft, Google, Meta and Snapchat released a statement on Friday saying they “reaffirm their continued commitment to protecting children and preserving privacy, and will continue to take voluntary action” to complete the scans. First seen on therecord.media Jump to article: therecord.media/big-tech-vows-to-continue-csam-scanning
-
Microsoft removes Support and Recovery Assistant from Windows
Microsoft has deprecated and removed the Support and Recovery Assistant (SaRA) command-line utility from all in-support versions of Windows updates starting March 10. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-removes-support-and-recovery-assistant-from-windows/
-
Missile Alert Phishing Exploits Iran-Israel Conflict for Microsoft Logins
New phishing scam uses fake missile alerts and the ongoing conflict involving Iran to target users with QR codes and fake government emails to steal Microsoft passwords. First seen on hackread.com Jump to article: hackread.com/missile-alert-phishing-iran-us-israel-microsoft-logins/
-
Microsoft links Medusa ransomware affiliate to zero-day attacks
Microsoft says that Storm-1175, a China-based financially motivated cybercriminal group known for deploying Medusa ransomware payloads, has been deploying n-day and zero-day exploits in high-velocity attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/microsoft-links-medusa-ransomware-affiliate-to-zero-day-attacks/
-
Regaining Control Faster: Microsoft and Rubrik Close the Gap in Identity Attacks
Tags: microsoft
The integration of Microsoft Defender and Rubrik shows where IT security is heading: away from isolated alerting systems and toward holistic solutions. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/schneller-zurueck-zur-kontrolle-microsoft-und-rubrik-schliessen-die-luecke-bei-identitaetsangriffen/a44499/
-
Authentication is broken: Here’s how security leaders can actually fix it
Tags: access, attack, authentication, backup, business, communications, control, credentials, cryptography, data, exploit, fido, firmware, Hardware, healthcare, identity, login, mfa, microsoft, okta, passkey, privacy, resilience, risk, soc, technology, update, windows
Sector snapshots: Where it breaks (and why that matters): Healthcare. Clinicians need tap and go speed with zero tolerance for downtime. One large hospital attempted to pair advanced HID SEOS credentials, which use privacy-preserving randomized IDs, with a clinical SSO platform that expects static IDs for user recognition. This architectural mismatch forced a choice between…
-
6 ways attackers abuse AI services to hack your business
Tags: ai, api, attack, backdoor, breach, business, ceo, china, control, cve, cyber, cybercrime, cybersecurity, data, email, espionage, exploit, framework, group, hacking, injection, leak, LLM, malicious, malware, marketplace, microsoft, monitoring, open-source, openai, service, skills, software, startup, supply-chain, threat, tool, vulnerability
Abusing AI platforms as covert C2 channels: Cybercriminals are also abusing AI platforms as covert command-and-control (C2) channels by turning AI services into proxies that hide malicious traffic inside the flow of legitimate content. Instead of running a dedicated C2 server, malware is programmed to fetch commands and exfiltrate data through AI services, circumventing traditional security…
-
Ex-Microsoft engineer believes Azure problems stem from talent exodus
The cloud service’s woes reflect a crisis made worse by AI under-investment in people First seen on theregister.com Jump to article: www.theregister.com/2026/04/04/azure_talent_exodus/
-
Microsoft shivs OpenAI with three new AI models for speech and images
About that partnership… First seen on theregister.com Jump to article: www.theregister.com/2026/04/02/microsoft_models_homegrown_ai_models/
-
LinkedIn secretly scans for 6,000+ Chrome extensions, collects data
A new report dubbed “BrowserGate” warns that Microsoft’s LinkedIn is using hidden JavaScript scripts on its website to scan visitors’ browsers for installed extensions and collect device data. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/linkedin-secretly-scans-for-6-000-plus-chrome-extensions-collects-data/
-
LinkedIn Hidden Code Secretly Scans Users’ Computers for Installed Software
A new investigation by Fairlinked e.V. claims that Microsoft-owned LinkedIn is running a massive, undisclosed corporate surveillance operation. According to the “BrowserGate” report, hidden code on LinkedIn's website secretly scans the computers of its one billion users to detect installed software and browser extensions. This scanning reportedly happens without user consent, disclosure, or any mention…
-
Even Microsoft knows Copilot shouldn’t be trusted with anything important
Tags: microsoft
Terms admit it is for entertainment only and may get things wrong First seen on theregister.com Jump to article: www.theregister.com/2026/04/02/copilot_terms_of_service/
-
Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers
Threat actors are increasingly using HTTP cookies as a control channel for PHP-based web shells on Linux servers and to achieve remote code execution, according to findings from the Microsoft Defender Security Research Team. “Instead of exposing command execution through URL parameters or request bodies, these web shells rely on threat actor-supplied cookie values to gate…
-
Windows Security app gets Secure Boot certificate status indicators as 2026 expiration approaches
Microsoft’s Secure Boot certificates, issued in 2011, are approaching expiration in 2026. To help IT administrators track whether devices have received replacement … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/03/windows-secure-boot-certificate-update-2026-expiration/
-
Microsoft Forces Unmanaged Windows 11 Devices to Upgrade to Version 24H2
Microsoft has officially initiated an automated, machine-learning-based rollout for Windows 11, version 25H2, targeting unmanaged systems. As part of its ongoing efforts to keep devices secure, similar to routine patch deployments that address critical system vulnerabilities, the tech giant is forcefully upgrading all eligible Home and Pro devices currently running version 24H2. For consumers and…
-
CrowdStrike Next-Gen SIEM Can Now Ingest Microsoft Defender Telemetry
Once CrowdStrike’s nemesis, Microsoft is now a collaborator. A shared interest in Formula 1 helped thaw the years-long fierce rivalry. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/crowdstrike-falcon-ingest-microsoft-defender-telemetry
-
Microsoft still working to fix Exchange Online mailbox access issues
Microsoft is investigating and working to resolve Exchange Online mailbox access issues that have intermittently affected Outlook mobile and macOS users for weeks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-still-working-to-fix-exchange-online-mailbox-access-issues/
-
Microsoft veteran says some ‘broken by update’ PCs were already doomed
Patch Tuesday often gets blamed when a reboot merely exposes damage already done, according to Chen First seen on theregister.com Jump to article: www.theregister.com/2026/04/02/chen_windows_updates/
-
12 cyber industry trends revealed at RSAC 2026
Tags: access, ai, application-security, authentication, awareness, business, ciso, cloud, control, cyber, cybersecurity, data, deep-fake, defense, detection, edr, endpoint, firewall, gartner, governance, identity, infrastructure, insurance, metric, microsoft, monitoring, mssp, phishing, programming, risk, risk-management, service, siem, skills, soc, software, startup, technology, threat, tool, training
Legacy security vendors have the inside track on AI, for now: As far as AI technology consumption for cybersecurity, most CISOs I spoke with were open-minded while leaning toward their existing vendors, at least in the short term. This may buy legacy security vendors a bit, but not much time. Remember what happened in the cloud…

