Tag: microsoft
-
Goßangelegter Missbrauch namhafter SaaS-Plattformen für Telefon-Betrug
Check Point Research (CPR), die Sicherheitsforschungs-abteilung von Check Point Software Technologies, hat eine groß angelegte Phishing-Kampagne identifiziert, die bekannte SaaS-Dienste von Microsoft, Amazon, Zoom oder Youtube ausnutzt, um ihre Opfer zu betrügerischen Telefonaten zu verleiten. Anstatt Domänen zu fälschen oder bösartige Links zu versenden, missbrauchen Angreifer gezielt legitime Software-as-a-Service-Plattformen, um telefonbasierte Betrugsversuche durchzuführen, die für…
-
Microsoft engineer speedruns Raspberry Pi magic smoke in five minutes
Only cool dudes should wear a HAT backward First seen on theregister.com Jump to article: www.theregister.com/2026/02/04/microsoft_manager_pi_smoke/
-
February 2026 Patch Tuesday forecast: Lots of OOB love this month
Valentine’s Day is just around the corner and Microsoft has been giving us a lot of love with a non-stop supply of patches starting with January 2026 Patch Tuesday. The … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/06/february-2026-patch-tuesday-forecast/
-
Phishing and OAuth Token Vulnerabilities Lead to Full Microsoft 365 Breach
Two medium-severity vulnerabilities, an unsecured email API endpoint and verbose error messages exposing OAuth tokens, chain together to enable authenticated phishing that bypasses all email security controls, persistent access to Microsoft 365 environments While protocols like SPF, DKIM, and DMARC have made traditional domain spoofing difficult, attackers have evolved. They now seek ways to send…
-
Microsoft actually does something useful, adds Sysmon to Windows
After years of bolting AI onto everything, Redmond remembers admins exist First seen on theregister.com Jump to article: www.theregister.com/2026/02/04/microsoft_adds_sysmon_to_windows/
-
Breach Roundup: Italy Thwarts Russian Olympic Hacks
Also, Active Exploits Hit SolarWinds, Ivanti as APT28 Targets EU, Ukraine. This week, Italy blocked Russian cyberattacks targeting the Olympics. Flaws in SolarWinds, Ivanti and Microsoft Office. Russia’s APT28 ramped up attacks in Ukraine, supply chain attacks, regulators probed major breaches and a U.S. judge sentenced the operator of a darkweb drug marketplace. First seen…
-
Microsoft Brings Back Google’s Hayete Gallot to Run Security
CEO Nadella Names Gallot EVP, Current Head Charlie Bell Takes New Engineering Role. Microsoft CEO Satya Nadella announced leadership changes tied to security and engineering quality including Hayete Gallot’s return from Google as EVP of security and a new individual contributor role for current security leader Charlie Bell focused on engineering quality. First seen on…
-
Microsoft Overhauls Security Leadership as AI Expands Enterprise Attack Surface
Microsoft brings back Hayete Gallot to lead Security while Charlie Bell moves to an engineering quality mandate, both reporting to CEO Satya Nadella. The post Microsoft Overhauls Security Leadership as AI Expands Enterprise Attack Surface appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-microsoft-gallot-security-bell-engineering-quality/
-
Microsoft Urges Users to Finally Ditch NTLM Authentication
Seeking to Add Urgency, Mandiant Publishes Rainbow Tables for NTLM Key Hashes. For nearly 30 years, security experts have warned organizations to ditch the weak NTLM authentication protocol in Windows. But its use persists, even amidst easy and active exploits. Now Google has published rainbow tables for NTLMv1. Will this finally drive holdout organizations to…
-
Microsoft to shut down Exchange Online EWS in April 2027
Microsoft announced today that the Exchange Web Services (EWS) API for Exchange Online will be shut down in April 2027, after nearly 20 years. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-to-shut-down-exchange-web-services-in-cloud-in-2027/
-
Russian hackers attacking European maritime and transport orgs using Microsoft Office exploit
Russian state-linked hackers are exploiting a Microsoft Office vulnerability to target maritime organizations across Europe as part of a “sophisticated espionage campaign,” researchers said. First seen on therecord.media Jump to article: therecord.media/russian-hackers-microsoft-office-europe
-
macOS Users Hit by Python Infostealers Posing as AI Installers
Microsoft details 3 Python Infostealers hitting macOS users via fake AI tools, Google ads, and Terminal tricks to steal passwords and crypto, then erase traces. First seen on hackread.com Jump to article: hackread.com/macos-users-python-infostealers-posing-ai-installers/
-
macOS Users Hit by Python Infostealers Posing as AI Installers
Microsoft details 3 Python Infostealers hitting macOS users via fake AI tools, Google ads, and Terminal tricks to steal passwords and crypto, then erase traces. First seen on hackread.com Jump to article: hackread.com/macos-users-python-infostealers-posing-ai-installers/
-
Ohne Google oder Microsoft arbeiten: Eine Woche nur mit europäischer Software
First seen on t3n.de Jump to article: t3n.de/news/ohne-google-oder-microsoft-arbeiten-eine-woche-nur-mit-europaeischer-software-1728129/
-
Attackers exploit decade”‘old Windows driver flaw to shut down modern EDR defenses
The kill list excluded Huntress: The EDR killer binary used in the Huntress-observed attack packed a 64-bit Windows executable and a custom encoded kernel driver payload, which it decoded into OemHwUpd.sys and installed as a kernel-mode service. Because Windows still honors its cryptographic signature, the attackers were able to load the driver.Once the vulnerable driver…
-
New Hacking Campaign Exploits Microsoft Windows WinRAR Vulnerability
Researchers at Check Point link ‘Amarath-Dragon’ attacks to prolific Chinese cyber-espionage operation First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/hacking-exploits-windows-winrar/
-
Microsoft develops a new scanner to detect hidden backdoors in LLMs
Effectiveness of the scanner: Microsoft said the scanner does not require retraining models or prior knowledge of backdoor behavior and operates using forward passes only, avoiding gradient calculations or backpropagation to keep computing costs low.The company also said it works with most causal, GPT-style language models and can be used across a wide range of…
-
Microsoft brings project-focused AI agents into OneDrive
Teams often rely on shared document collections to track project history, decisions, and operational knowledge. To support this workflow, Microsoft introduced Agents in … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/05/microsoft-onedrive-ai-agents/
-
Microsoft launches LiteBox, a security-focused open-source library OS
Microsoft has released LiteBox, a project intended to function as a security-focused library OS that can serve as a secure kernel for protecting a guest kernel using … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/05/microsoft-litebox-security-focused-open-source-library-os/
-
APT28 Hackers Exploit Microsoft Office Vulnerability to Target Government Agencies
Tags: attack, cyber, cyberattack, espionage, exploit, government, hacker, microsoft, military, office, phishing, russia, spear-phishing, theft, vulnerabilityRussian state-sponsored hackers, known as APT28 or Fancy Bear, have launched a new wave of cyberattacks targeting government and military organizations across Europe. This sophisticated espionage campaign, observed in late January 2026, targets the theft on secrets from maritime and transport agencies in countries such as Poland, Greece, and Ukraine. The attacks start with spear-phishing…
-
Satya Nadella decides Microsoft needs an engineering quality czar
Picks chap who used to lead Redmond’s security, lures replacement from Google First seen on theregister.com Jump to article: www.theregister.com/2026/02/05/microsoft_appoints_quality_chief/
-
Microsoft to Integrate Sysmon Threat Detection Natively into Windows 11
Microsoft has officially begun rolling out native System Monitor (Sysmon) functionality to Windows 11, marking a significant shift for threat hunters and security operations centers (SOCs). Released via the Windows 11 Insider Preview Build 26300.7733 (Dev Channel) on February 3, 2026, this update embeds the popular Sysinternals tool directly into the operating system’s optional features.…
-
Microsoft releases urgent Office patch. Russian-state hackers pounce.
The window to patch vulnerabilities is shrinking rapidly. First seen on arstechnica.com Jump to article: arstechnica.com/security/2026/02/russian-state-hackers-exploit-office-vulnerability-to-infect-computers/
-
When Documents Become the Attack Vector: Inside APT28’s Latest Microsoft Office Exploit
Email attachments remain one of the most trusted entry points into enterprise environments. Despite years of awareness training and secure email gateways, attackers continue to rely on documents because they blend seamlessly into everyday workflows. New reporting from The Hacker News details how APT28, a Russia-linked threat actor, is actively exploiting a newly disclosed Microsoft…
-
Microsoft Hires Ex-Google Cloud President Hayete Gallot As New Security Chief
Microsoft confirmed Wednesday that it has hired former Google Cloud executive Hayete Gallot to head its security division, replacing Charlie Bell. First seen on crn.com Jump to article: www.crn.com/news/security/2026/microsoft-hires-ex-google-cloud-president-hayete-gallot-as-new-security-chief
-
Microsoft Develops Scanner to Detect Backdoors in Open-Weight Large Language Models
Microsoft on Wednesday said it built a lightweight scanner that it said can detect backdoors in open-weight large language models (LLMs) and improve the overall trust in artificial intelligence (AI) systems.The tech giant’s AI Security team said the scanner leverages three observable signals that can be used to reliably flag the presence of backdoors while…
-
Windows Shutdown Bug Spreads to Windows 10, Microsoft Confirms
Microsoft confirms a Windows bug preventing some PCs from shutting down or hibernating after January 2026 updates. A fix is still pending. The post Windows Shutdown Bug Spreads to Windows 10, Microsoft Confirms appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-windows-shutdown-bug-secure-launch-vsm/
-
Microsoft rolls out native Sysmon monitoring in Windows 11
Microsoft has started rolling out built-in Sysmon functionality to some Windows 11 systems enrolled in the Windows Insider program. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-rolls-out-native-windows-11-sysmon-security-monitoring/
-
Russian hackers exploited a critical Office bug within days of disclosure
One campaign, two infection paths: ZScaler found that exploitation of CVE-2026-21509 did not lead to a single uniform payload. Instead, the initial RTF-based exploit branched into two distinct infection paths, each serving a different operational purpose. The choice of dropper reportedly determined whether the attackers prioritized near-term intelligence collection or longer-term access to compromised systems.In…