Tag: microsoft
-
Storm-2561 Spreads Trojan VPN Clients via SEO Poisoning to Steal Credentials
Microsoft has disclosed details of a credential theft campaign that employs fake virtual private network (VPN) clients distributed through search engine optimization (SEO) poisoning techniques.”The campaign redirects users searching for legitimate enterprise software to malicious ZIP files on attacker-controlled websites to deploy digitally signed trojans that masquerade as trusted VPN clients First seen on thehackernews.com…
-
Gefälschte KIErweiterungen gefährden Unternehmens-Chats
Die Warnung von Microsoft vor bösartigen, KI-thematischen Browser-Erweiterungen, die Nutzerdaten abgreifen, zeigt, wie schnell Cyberkriminelle auf die rasche Verbreitung generativer KI-Tools reagieren. Sicherheitsforscher identifizierten kürzlich gefälschte KI-Assistenten-Erweiterungen, die über Browser-Marktplätze verbreitet wurden und darauf ausgelegt waren, die Browseraktivität zu überwachen und leise Informationen von Nutzern zu sammeln, die mit beliebten KI-Plattformen wie ChatGPT oder Deepseek…
-
Academia and the “AI Brain Drain”
In 2025, Google, Amazon, Microsoft and Meta collectively spent US$380 billion on building artificial-intelligence tools. That number is expected to surge still higher this year, to $650 billion, to fund the building of physical infrastructure, such as data centers (see go.nature.com/3lzf79q). Moreover, these firms are spending lavishly on one particular segment: top technical talent. Meta…
-
Storm-2561 targets enterprise VPN users with SEO poisoning, fake clients
vpn-fortinet[.]com and ivanti-vpn[.]org, hosting malicious ZIP files on GitHub, the advisory said.The malware itself arrives as a ZIP file containing a Windows Installer package. When a user launches the downloaded installer, it drops a fake Pulse Secure application into a directory that closely mimics a legitimate Pulse Secure installation path, Microsoft said.”This installation path blends…
-
Storm-2561 targets enterprise VPN users with SEO poisoning, fake clients
vpn-fortinet[.]com and ivanti-vpn[.]org, hosting malicious ZIP files on GitHub, the advisory said.The malware itself arrives as a ZIP file containing a Windows Installer package. When a user launches the downloaded installer, it drops a fake Pulse Secure application into a directory that closely mimics a legitimate Pulse Secure installation path, Microsoft said.”This installation path blends…
-
Microsoft Copilot Email and Teams Summarization Flaw Opens Door to Phishing Attacks
Artificial intelligence assistants have transformed daily business operations, helping teams manage overflowing inboxes and summarize complex communications. Microsoft Copilot integrates directly into these workflows, pulling context from various Microsoft 365 applications to streamline tasks. However, this convenience introduces a new security boundary: what happens when Copilot follows hidden instructions written by an attacker inside an…
-
The who, what, and why of the attack that has shut down Stryker’s Windows network
Company says it doesn’t know how long it will take to restore its Microsoft environment. First seen on arstechnica.com Jump to article: arstechnica.com/security/2026/03/whats-known-about-wiper-attack-on-stryker-a-major-supplier-of-lifesaving-devices/
-
Breach Roundup: Russian State Actors Target Signal, WhatsApp
Also, More ClickFix Attacks and Teen Booters Arrested in Poland. This week, Russian hackers targeted Signal and WhatsApp users, permit-fee phishing hit U.S. applicants, ClickFix on WordPress sites, Microsoft patched 80 bugs, a 14K-router botnet, Polish teens held over DDoS tools and Finland warned of Russian, Chinese espionage. North Korean IT workers for hire. First…
-
Destructive Activity Targeting Stryker Highlights Emerging Supply Chain Risks
On March 11th, medical technology company Stryker disclosed that a cyberattack had disrupted portions of its global network infrastructure, affecting Microsoft systems used across the organization. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/destructive-activity-targeting-stryker-highlights-emerging-supply-chain-risks/
-
Hackers Use Cloudflare Human Check to Hide Microsoft 365 Phishing Pages
Scammers are hijacking popular security tools like Cloudflare to hide fake Microsoft 365 login pages. Learn how this new invisible phishing campaign bypasses antivirus software and how you can stay safe. First seen on hackread.com Jump to article: hackread.com/hackers-cloudflare-human-check-microsoft-365-phishing/
-
Stryker tells SEC that timeline for recovery from cyberattack unknown
In an 8-K filing with the SEC, Stryker confirmed that the cyberattack caused a global disruption to the company’s Microsoft environment and said external cybersecurity experts were brought in to “assess and to contain the threat.” First seen on therecord.media Jump to article: therecord.media/stryker-tells-sec-unknown-timeline-recovery
-
Microsoft Authenticator could leak login codes”, update your app now
A bug in Microsoft Authenticator on Android and iOS could allow malicious apps on the same device to intercept authentication codes or sign-in links. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/microsoft-authenticator-could-leak-login-codes-update-your-app-now/
-
Factors That Complicate Pricing When Using Microsoft Intune for Authentication
Learn how BYOD policies complicate Microsoft Intune authentication pricing, including Entra ID, Conditional Access, and additional security costs. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/factors-that-complicate-pricing-when-using-microsoft-intune-for-authentication/
-
Iran-linked group says it hacked US company in retaliation for Minab school bombing
Hacker group Handala claimed responsibility for attack that caused ‘global disruption’ to Stryker Corporation’s systemsAn Iran-linked group said it hacked a US medical company, causing “global disruption” to its systems, in retaliation for the bombing of the Minab school in Iran, in an attack seen as widening the Middle East into the cyber realm.Handala, a…
-
Hackers Exploit CloudFlare Anti-Security to Steal Microsoft 365 Login Credentials
A recent Microsoft 365 credential harvesting campaign shows how attackers are exploiting CloudFlare’s protective features to shield malicious phishing sites from security scanners and threat researchers. CloudFlare is widely used by organizations to improve website performance and protect against attacks such as bots, DDoS, and automated scanning. However, these same protections can also unintentionally benefit…
-
Hackers Exploit CloudFlare Anti-Security to Steal Microsoft 365 Login Credentials
A recent Microsoft 365 credential harvesting campaign shows how attackers are exploiting CloudFlare’s protective features to shield malicious phishing sites from security scanners and threat researchers. CloudFlare is widely used by organizations to improve website performance and protect against attacks such as bots, DDoS, and automated scanning. However, these same protections can also unintentionally benefit…
-
Medtech Firm Stryker Disrupted by Pro-Iran Hackers
Iran Expands Targeting, Including AWS, Google and Microsoft Infrastructure. Michigan-based medical technology giant Stryker appears to have been hacked by a pro-Iranian group called Handala, leading to global operations being disrupted, IT devices remotely wiped and terabytes of data being stolen. Experts said Handala appears to be a faketivist group run by Tehran. First seen…
-
Microsoft Authenticator to nuke Entra creds on rooted and jailbroken phones
Warning, lockout, then wipe if your device trips detection First seen on theregister.com Jump to article: www.theregister.com/2026/03/10/microsoft_authenticator_checks/
-
AWS expands Security Hub for multicloud security operations
Tags: access, api, ceo, ciso, cloud, cybersecurity, data, detection, endpoint, framework, google, identity, incident response, india, infrastructure, Internet, microsoft, monitoring, risk, threat, tool, vulnerability, vulnerability-managementCross-cloud security monitoring: While AWS has not provided technical details on how it will identify vulnerabilities outside its native environment, Sanchit Vir Gogia, chief analyst at Greyhound Research, said multicloud visibility typically works by collecting signals from multiple security systems and translating them into a consistent format so they can be analysed together.A key enabler…
-
March 2026 Patch Tuesday fixes two zero-day vulnerabilities
Microsoft patched 79 security vulnerabilities this month, including bugs that could let attackers escalate privileges or crash critical services. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/march-2026-patch-tuesday-fixes-two-zero-day-vulnerabilities/
-
March 2026 Patch Tuesday fixes two zero-day vulnerabilities
Microsoft patched 79 security vulnerabilities this month, including bugs that could let attackers escalate privileges or crash critical services. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/march-2026-patch-tuesday-fixes-two-zero-day-vulnerabilities-2/
-
March 2026 Patch Tuesday fixes two zero-day vulnerabilities
Microsoft patched 79 security vulnerabilities this month, including bugs that could let attackers escalate privileges or crash critical services. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/march-2026-patch-tuesday-fixes-two-zero-day-vulnerabilities-3/
-
März-Patchday für Windows 11 – Update mit Browser-Speedtest patcht auch Sicherheitslücken
Neben Neuerungen wie den integrierten Browser-Speedtest schließt Microsoft beim März-Patchday insgesamt 83 Sicherheitslücken. First seen on computerbase.de Jump to article: www.computerbase.de/news/betriebssysteme/maerz-patchday-fuer-windows-11-update-beinhaltet-den-browser-speedtest-und-schliesst-sicherheitsluecken.96496
-
Critical Vulnerability in Microsoft Office Allows Malicious Code to Run Remotely
Tags: cve, cvss, cyber, flaw, malicious, microsoft, office, remote-code-execution, threat, vulnerabilityMicrosoft has disclosed a critical security flaw in its Microsoft Office suite, officially tracked as CVE-2026-26110. Released on March 10, 2026, this Remote Code Execution (RCE) vulnerability poses a significant threat to organizations and individuals relying on the widely used productivity software. With a base CVSS score of 8.4, the flaw demands immediate attention from…
-
März-Patchday für Windows 11 – Update beinhaltet den Browser-Speedtest und schließt Sicherheitslücken
Neben Neuerungen wie den integrierten Browser-Speedtest schließt Microsoft beim März-Patchday insgesamt 83 Sicherheitslücken. First seen on computerbase.de Jump to article: www.computerbase.de/news/betriebssysteme/maerz-patchday-fuer-windows-11-update-beinhaltet-den-browser-speedtest-und-schliesst-sicherheitsluecken.96496
-
Microsoft patches 80+ vulnerabilities, six flagged as >>more likely<< to be exploited
On March 2026 Patch Tuesday, Microsoft addressed 80+ vulnerabilities affecting its software and cloud services. Of these, two were publicly disclosed, but not actively … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/11/march-2026-patch-tuesday/
-
Microsoft Fixes 79 Flaws in March Patch Tuesday, Including Two 0-Days
Microsoft fixes 79 vulnerabilities in March 2026 Patch Tuesday, including two publicly disclosed 0-days affecting SQL Server, .NET and Windows systems. First seen on hackread.com Jump to article: hackread.com/microsoft-march-patch-tuesday-two-0-days-flaws/
-
Microsoft Patches 84 Flaws in March Patch Tuesday, Including Two Public Zero-Days
Microsoft on Tuesday released patches for a set of 84 new security vulnerabilities affecting various software components, including two that have been listed as publicly known.Of these, eight are rated Critical, and 76 are rated Important in severity. Forty-six of the patched vulnerabilities relate to privilege escalation, followed by 18 remote code execution, 10 information…
-
Microsoft Patch Tuesday March 2026: Two Zero-Days and Critical RCE Bugs Fixed
The Microsoft Patch Tuesday March 2026 release introduces security updates addressing 79 vulnerabilities, including two publicly disclosed zero-day vulnerabilities and several high-risk issues tied to remote code execution. The monthly security rollout includes fixes across multiple Microsoft products such as SQL Server, .NET, Microsoft Office, SharePoint Server, and Azure services. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/microsoft-patch-tuesday-march-2026/