Tag: microsoft
-
Microsoft Confirms Court-Ordered BitLocker Key Releases
FBI Accessed Encrypted Windows Devices Via BitLocker Keys, Microsoft Says. Microsoft confirmed it handed over BitLocker recovery keys to the FBI in 2025 under court order, raising concerns over cloud-stored encryption keys and whether default designs that prioritize recovery convenience and efficiency weaken user control and security. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/microsoft-confirms-court-ordered-bitlocker-key-releases-a-30593
-
Microsoft Confirms Court-Ordered BitLocker Key Releases
FBI Accessed Encrypted Windows Devices Via BitLocker Keys, Microsoft Says. Microsoft confirmed it handed over BitLocker recovery keys to the FBI in 2025 under court order, raising concerns over cloud-stored encryption keys and whether default designs that prioritize recovery convenience and efficiency weaken user control and security. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/microsoft-confirms-court-ordered-bitlocker-key-releases-a-30593
-
Microsoft Confirms Court-Ordered BitLocker Key Releases
FBI Accessed Encrypted Windows Devices Via BitLocker Keys, Microsoft Says. Microsoft confirmed it handed over BitLocker recovery keys to the FBI in 2025 under court order, raising concerns over cloud-stored encryption keys and whether default designs that prioritize recovery convenience and efficiency weaken user control and security. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/microsoft-confirms-court-ordered-bitlocker-key-releases-a-30593
-
Surrender as a service: Microsoft unlocks BitLocker for feds
If you’re serious about encryption, keep control of your encryption keys First seen on theregister.com Jump to article: www.theregister.com/2026/01/23/surrender_as_a_service_microsoft/
-
PowerShell architect retires after decades at the prompt
After Microsoft, Google, and a long fight for automation, Jeffrey Snover hangs up his keyboard First seen on theregister.com Jump to article: www.theregister.com/2026/01/22/powershell_snover_retires/
-
Anthropic, Microsoft MCP Server Flaws Shine a Light on AI Security Risks
Researchers with Cyata and BlueRock uncovered vulnerabilities in MCP servers from Anthropic and Microsoft, feeding ongoing security worries about MCP and other agentic AI tools and their dual natures as both key parts of the evolving AI world and easy targets for threat actors. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/anthropic-microsoft-mcp-server-flaws-shine-a-light-on-ai-security-risks/
-
Microsoft gave FBI a set of BitLocker encryption keys to unlock suspects’ laptops: reports
The FBI served Microsoft a warrant requesting encryption recovery keys to decrypt the hard drives of people involved in an alleged fraud case in Guam. First seen on techcrunch.com Jump to article: techcrunch.com/2026/01/23/microsoft-gave-fbi-a-set-of-bitlocker-encryption-keys-to-unlock-suspects-laptops-reports/
-
Microsoft Introduces Brand Impersonation Protection Warning for Teams Calls
Microsoft is launching a new security feature designed to protect Teams users from fraudulent external callers impersonating trusted organizations. The Brand Impersonation Protection for Teams Calling will roll out starting mid-February 2026, with general availability expected by late February. The new protection mechanism evaluates inbound calls from external parties to identify signs of brand impersonation…
-
Outlook for iOS crashes, freezes due to coding error
Microsoft confirmed today that Outlook mobile may crash or freeze when launched on iPad devices due to a coding error. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-outlook-for-ios-crashes-freezes-due-to-coding-error/
-
Microsoft Flags Multi-Stage AitM Phishing and BEC Attacks Targeting Energy Firms
Microsoft has warned of a multi”‘stage adversary”‘in”‘the”‘middle (AitM) phishing and business email compromise (BEC) campaign targeting multiple organizations in the energy sector.”The campaign abused SharePoint file”‘sharing services to deliver phishing payloads and relied on inbox rule creation to maintain persistence and evade user awareness,” the Microsoft Defender Security Research Team said. First seen on thehackernews.com…
-
Microsoft introduces winapp, an open-source CLI for building Windows apps
Microsoft has released winapp, a new command line interface aimed at simplifying the process of building Windows applications. The open-source tool targets developers who rely … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/23/microsoft-introduces-winapp-an-open-source-cli-for-building-windows-apps/
-
Microsoft 365 hit by outage, preventing access to emails and files
An hours-long outage is preventing Microsoft’s enterprise customers from accessing their inboxes, files, and video meetings. First seen on techcrunch.com Jump to article: techcrunch.com/2026/01/22/microsoft-365-hit-by-outage-preventing-access-to-emails-and-files/
-
Crims compromised energy firms’ Microsoft accounts, sent 600 phishing emails
Logging in, not breaking in First seen on theregister.com Jump to article: www.theregister.com/2026/01/22/crims_compromised_energy_firms_microsoft/
-
Microsoft updates Notepad and Paint with more AI features
Microsoft is rolling out new artificial intelligence features with the latest updates to the Notepad and Paint apps for Windows 11 Insiders. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-updates-notepad-and-paint-with-more-ai-features/
-
DPRK Actors Deploy VS Code Tunnels for Remote Hacking
A spear-phishing campaign tied to the Democratic People’s Republic of Korea (DPRK) uses trusted Microsoft infrastructure to avoid detection. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/dprk-vs-code-tunnels-remote-hacking
-
Energy sector orgs targeted with AiTM phishing campaign
Organizations in the energy sector are being targeted with phishing emails aimed at compromising enterprise accounts, Microsoft warns. The attack campaign The attacks started … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/22/energy-sector-aitm-phishing-sharepoint-misuse/
-
Warum Microsoft-365-Konfigurationen geschützt werden müssen
Tags: access, authentication, backup, ciso, cloud, compliance, framework, least-privilege, mail, mfa, microsoft, office, powershell, risk, zero-trustLesen Sie, warum CISOs den M365-Tenant stärker in den Blick nehmen müssen.Im Jahr 2010 war Office 365 eine einfache Suite mit Office-Anwendungen und zusätzlicher E-Mail-Funktion. Das hat sich 15 Jahre später mit Microsoft 365 geändert: Die Suite ist ein wesentliches Element in den Bereichen Kommunikation, Zusammenarbeit und Sicherheit. Dienste wie Entra, Intune, Exchange, Defender, Teams…
-
Microsoft shares workaround for Outlook freezes after Windows update
Microsoft shared a temporary workaround for customers experiencing Outlook freezes after installing this month’s Windows security updates. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-shares-workaround-for-outlook-freezes-after-windows-update/
-
Mehr Sicherheit und bessere Governance für Microsoft-365-Tenants
Coreview bietet mit Tenant-Resilience und Tenant-Management ab sofort zwei neue Lösungen für den Schutz und das Management von Microsoft-365-Tenants über seine Coreview-One-Plattform an. Bei fast zwei Dritteln (63 %) der Microsoft-365-Tenants wird der Least-Privilege-Ansatz nicht umgesetzt. Gleichzeitig meldet Microsoft zunehmende Manipulationen von Konfigurationen bei Identitäts- und Gerätemanagementdiensten. Vor diesem Hintergrund gewinnt der Schutz und die…
-
Microsoft Intune changes to start biting unprepared admins
Mobile application management updates mean apps could soon be blocked First seen on theregister.com Jump to article: www.theregister.com/2026/01/19/microsoft_intune_deadline/
-
Patchday geht schief: Neue Windows-Updates lassen allerhand Apps einfrieren
Seit dem Januar-Patchday hängt sich Outlook bei einigen Anwendern immer wieder auf. Jetzt gesteht Microsoft: Auch andere Apps sind betroffen. First seen on golem.de Jump to article: www.golem.de/news/patchday-geht-schief-neue-windows-updates-lassen-allerhand-apps-einfrieren-2601-204437.html
-
Hackers Exploit Visual Studio Code to Deploy Malicious Payloads on Victim Systems
The attack arsenal by extensively abusing Microsoft Visual Studio Code configuration files to deliver and execute malicious payloads on compromised systems. This evolution in the Contagious Interview campaign represents a sophisticated shift toward weaponizing legitimate developer tools. The infection chain begins when victims clone and open malicious Git repositories hosted on GitHub or GitLab, typically…
-
Integrating Enzoic Alerts into Microsoft Sentinel with Azure Logic Apps
Introduction Enzoic provides real-time alerts when user credentials are exposed in data breaches, and integrating these alerts into your security operations center (SOC) can greatly enhance your threat response. Microsoft Sentinel is a cloud-native SIEM (Security Information and Event Management) platform in Azure that aggregates and analyzes security data across an organization. (Note: You will……
-
North Korea-Linked Hackers Target Developers via Malicious VS Code Projects
The North Korean threat actors associated with the long-running Contagious Interview campaign have been observed using malicious Microsoft Visual Studio Code (VS Code) projects as lures to deliver a backdoor on compromised endpoints.The latest finding demonstrates continued evolution of the new tactic that was first discovered in December 2025, Jamf Threat Labs said.”This activity involved…
-
Microsoft PowerToys adds new CursorWrap mouse ‘teleport’ tool
Microsoft has released PowerToys 0.97, with a new mouse utility for multi-monitor setups and significant improvements to the Command Palette quick launcher. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-powertoys-adds-new-cursorwrap-mouse-teleport-tool/
-
Microsoft & Anthropic MCP Servers At Risk of RCE, Cloud Takeovers
Researchers found the popular model context protocol (MCP) servers, which are integral components of AI services, carry serious vulnerabilities. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/microsoft-anthropic-mcp-servers-risk-takeovers
-
New Windows Flaw Lets Attackers Bypass Mark of the Web
Microsoft patched a Windows Remote Assistance flaw that lets attackers bypass Mark of the Web, weakening protections against malicious downloads and phishing files. The post New Windows Flaw Lets Attackers Bypass Mark of the Web appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-windows-flaw-bypass-mark-of-the-web/