Tag: microsoft
-
Attacken auf Firmennetzwerke: Hacker tricksen Teams-Nutzer mit Spam aus
Google-Forscher warnen vor einer Hackergruppe, die Nutzer bei Microsoft Teams austrickst, um gefährliche Malware in Firmennetzwerke zu schleusen. First seen on golem.de Jump to article: www.golem.de/news/attacken-auf-firmennetzwerke-hacker-tricksen-teams-nutzer-mit-spam-aus-2604-208048.html
-
Windows 11: Microsoft erlaubt unbegrenztes Pausieren von Updates
Microsoft reagiert auf Kritik: Nutzer von Windows 11 können Systemaktualisierungen künftig beliebig oft um jeweils 35 Tage verschieben. First seen on golem.de Jump to article: www.golem.de/news/windows-11-microsoft-erlaubt-unbegrenztes-pausieren-von-updates-2604-208031.html
-
Suspicious Microsoft Store App Vibing.exe Allegedly Harvests Screens and Audio
A recently discovered application called Vibing.exe has raised major privacy and security alarms after researchers caught it stealthily recording user screens and audio. Originally available on the Microsoft Store as an AI productivity interface, the app was pulled in late April 2026 following discoveries that it secretly siphoned data to a remote server. Security analysts…
-
Sicherheit im Unternehmen: Warum eine korrekte EArchivierung so wichtig ist Die unterschätzte Schwachstelle
E-Mails sind das Rückgrat der geschäftlichen Kommunikation und zugleich ein oft unterschätztes Sicherheits- und Compliance-Risiko für Unternehmen. Unzureichende Archivierung, menschliche Fehler und steigende regulatorische Anforderungen machen das E-Mail-Postfach zunehmend zum Einfallstor für Datenschutzverstöße, Cyberangriffe und Vertrauensverluste. Mit einem sicheren Outlook- oder Microsoft 365-Add-In lassen sich Sicherheitslücken schließen sowie Mails und Metadaten Compliance-konform speichern. First seen…
-
Microsoft Entra Agent ID Flaw Enabled Tenant Takeover via Privilege Escalation
Microsoft Entra Agent ID flaw allowed privilege escalation and tenant takeover via Service Principal abuse, now fully patched by Microsoft. First seen on hackread.com Jump to article: hackread.com/microsoft-entra-agent-id-flaw-tenant-takeover/
-
Microsoft tackles quality control issues. Just kidding, it’s encouraging experienced workers to leave
Windows giant offers buyouts to eligible staffers willing to walk First seen on theregister.com Jump to article: www.theregister.com/2026/04/24/microsoft_seeks_quality_improvements_by/
-
Microsoft tackles quality control issues. Just kidding, it’s encouraging experienced workers to leave
Windows giant offers buyouts to eligible staffers willing to walk First seen on theregister.com Jump to article: www.theregister.com/2026/04/24/microsoft_seeks_quality_improvements_by/
-
Microsoft rolls out revamped Windows Insider Program
Microsoft says it’s rolling out a revamped Windows Insider Program experience as part of the broader plans to address performance and reliability concerns affecting Windows 11. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-rolls-out-revamped-windows-insider-program/
-
Crime crew impersonates help desk, abuses Microsoft Teams to steal your data
Coming in cold with custom Snow malware First seen on theregister.com Jump to article: www.theregister.com/2026/04/25/new_crime_crew_impersonates_help_desks/
-
Microsoft gives your Word documents an AI co-author you didn’t ask for
Also rolls out agentic Copilot in Excel and PowerPoint, letting 21st century Clippy lend a… hand First seen on theregister.com Jump to article: www.theregister.com/2026/04/23/microsoft_gives_your_word_documents/
-
Microsoft gives your Word documents an AI co-author you didn’t ask for
Also rolls out agentic Copilot in Excel and PowerPoint, letting 21st century Clippy lend a… hand First seen on theregister.com Jump to article: www.theregister.com/2026/04/23/microsoft_gives_your_word_documents/
-
Microsoft gives your Word documents an AI co-author you didn’t ask for
Also rolls out agentic Copilot in Excel and PowerPoint, letting 21st century Clippy lend a… hand First seen on theregister.com Jump to article: www.theregister.com/2026/04/23/microsoft_gives_your_word_documents/
-
Microsoft gives your Word documents an AI co-author you didn’t ask for
Also rolls out agentic Copilot in Excel and PowerPoint, letting 21st century Clippy lend a… hand First seen on theregister.com Jump to article: www.theregister.com/2026/04/23/microsoft_gives_your_word_documents/
-
Windows Update gets new controls to reduce forced restarts
Microsoft is rolling out Windows Update improvements that give users more control over how updates are installed while reducing disruption from frequent or poorly timed restarts. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/windows-update-gets-new-controls-to-reduce-forced-restarts/
-
TDL 020 – Why DNS Is Your First Line of Cyber Defense – Chris Buijs
Tags: access, attack, automation, business, cisco, ciso, cloud, container, corporate, country, cyber, cybersecurity, data, ddos, defense, dns, encryption, endpoint, finance, firewall, group, hacker, ibm, infrastructure, Internet, iot, jobs, malicious, microsoft, network, office, phone, programming, router, saas, service, software, startup, strategy, switch, technology, threat, tool, training, update, usa, vulnerability, zero-trustIn Episode 20 of The Defender’s Log, host David Redekop sits down with Amsterdam-based tech veteran Chris Buijs to discuss the often-overlooked backbone of internet security: DNS (Domain Name System). The “Set-it-and-Forget-it” Trap Buijs, who transitioned from an electrician to a network architect, notes that many organizations treat DNS as a “utility” rather than a…
-
TDL 020 – Why DNS Is Your First Line of Cyber Defense – Chris Buijs
Tags: access, attack, automation, business, cisco, ciso, cloud, container, corporate, country, cyber, cybersecurity, data, ddos, defense, dns, encryption, endpoint, finance, firewall, group, hacker, ibm, infrastructure, Internet, iot, jobs, malicious, microsoft, network, office, phone, programming, router, saas, service, software, startup, strategy, switch, technology, threat, tool, training, update, usa, vulnerability, zero-trustIn Episode 20 of The Defender’s Log, host David Redekop sits down with Amsterdam-based tech veteran Chris Buijs to discuss the often-overlooked backbone of internet security: DNS (Domain Name System). The “Set-it-and-Forget-it” Trap Buijs, who transitioned from an electrician to a network architect, notes that many organizations treat DNS as a “utility” rather than a…
-
Microsoft to roll out Entra passkeys on Windows in late April
Microsoft will roll out passkey support for phishing-resistant passwordless authentication to Microsoft Entra”‘protected resources from Windows devices starting late April. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-to-roll-out-entra-passkeys-on-windows-in-late-april/
-
KI-Vishing auf Knopfdruck: Die kriminelle Plattform ATHR revolutioniert Telefonbetrug
Die Plattform ATHR kombiniert KI mit klassischen Phishing-Methoden, um Angriffe fast vollständig zu automatisieren. Für eine Einstiegsgebühr von 4.000 US-Dollar erhalten Kriminelle Zugang zu einer Infrastruktur, die selbst erfahrene Sicherheitsfilter umgeht und globale Marken wie Google und Microsoft ins Visier nimmt. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/ki-vishing-athr-telefonbetrug
-
Microsoft beefs up Remote Desktop security with … hardread messages
Ailing scaling blamed by Windows-maker for unreadable missives First seen on theregister.com Jump to article: www.theregister.com/2026/04/24/remote_desktop_security_beefed_up/
-
Microsoft now lets admins uninstall Copilot on enterprise devices
Microsoft says IT administrators can now uninstall the AI-powered Copilot digital assistant from enterprise devices using a new policy setting, which has become broadly available after the April 2026 Patch Tuesday. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-now-lets-admins-uninstall-copilot-on-enterprise-devices/
-
Hackers Exploit Agent ID Administrator Role to Hijack Service Principals
A severe scoping vulnerability was recently discovered in Microsoft Entra ID’s new Agent Identity Platform. The security flaw allowed users assigned the Agent ID Administrator role to hijack arbitrary service principals across an organization’s tenant, leading to potential privilege escalation. Although the administrative role was designed strictly to manage AI agent identities, a boundary breakdown…
-
Microsoft’s April Security Update of High-Risk Vulnerability Notice for Multiple Products
Overview On April 15, NSFOCUS CERT detected that Microsoft released the April Security Update patch, fixing 165 security issues involving Windows, Microsoft Office, Microsoft SQL Server, Microsoft Visual Studio, Microsoft .NET Framework, Widely used products such as Azure, including high-risk vulnerability types such as privilege escalation and remote code execution. Among the vulnerabilities fixed by……
-
Tropic Trooper Uses Trojanized SumatraPDF and GitHub to Deploy AdaptixC2
Chinese-speaking individuals are the target of a new campaign that uses a trojanized version of SumatraPDF reader to deploy the AdaptixC2 Beacon post-exploitation agent and ultimately facilitate the abuse of Microsoft Visual Studio Code (VS Code) tunnels for remote access.Zscaler ThreatLabz, which discovered the campaign last month, has attributed it with high confidence to Tropic…
-
Tropic Trooper Uses Trojanized SumatraPDF and GitHub to Deploy AdaptixC2
Chinese-speaking individuals are the target of a new campaign that uses a trojanized version of SumatraPDF reader to deploy the AdaptixC2 Beacon post-exploitation agent and ultimately facilitate the abuse of Microsoft Visual Studio Code (VS Code) tunnels for remote access.Zscaler ThreatLabz, which discovered the campaign last month, has attributed it with high confidence to Tropic…
-
Google drafts AI agents to secure systems against AI hackers
Wiz, AI-BOMs, and securing the AI development sprawl: Google has expanded its Wiz portfolio to tackle the chaos of AI development and multi-cloud risk.Wiz is being positioned as the connective tissue across environments, supporting everything from AWS and Azure to SaaS platforms and AI agent studios.”Wiz now supports Databricks as well as new agent studios…
-
AI is speeding up nation-state cyber programs
In this Help Net Security interview, Kaja Ciglic, Senior Director, Cybersecurity Policy and Diplomacy at Microsoft, discusses how nation-state cyber programs have changed over … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/24/kaja-ciglic-microsoft-nation-state-cyber-programs/
-
Harvester APT Goes Cross-Platform: New Linux Backdoor Abuses Microsoft Graph API
The post Harvester APT Goes Cross-Platform: New Linux Backdoor Abuses Microsoft Graph API appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/harvester-apt-linux-backdoor-microsoft-graph-api/