Tag: microsoft
-
Evelyn Stealer Malware Abuses VS Code Extensions to Steal Developer Credentials and Crypto
Cybersecurity researchers have disclosed details of a malware campaign that’s targeting software developers with a new information stealer called Evelyn Stealer by weaponizing the Microsoft Visual Studio Code (VS Code) extension ecosystem.”The malware is designed to exfiltrate sensitive information, including developer credentials and cryptocurrency-related data. Compromised developer First seen on thehackernews.com Jump to article: thehackernews.com/2026/01/evelyn-stealer-malware-abuses-vs-code.html
-
This Intune update isn’t optional, it’s a kill switch for outdated apps
Tags: access, android, authentication, business, control, corporate, cybersecurity, data, infrastructure, malware, microsoft, mitigation, password, phone, risk, service, switch, threat, tool, updateiOS line-of-business (LOB) and custom iOS apps using the Intune App SDK must update to SDK version 20.8.0 or later for apps compiled with Xcode 16, and to 21.1.0 or later for apps compiled with Xcode 26.Apps using the wrapper must update to the new version of the Intune App Wrapping Tool for iOS: version…
-
Mandiant pushes organizations to dump insecure NTLMv1 by releasing a way to crack it
Tags: attack, authentication, computer, credentials, crypto, cve, data, data-breach, email, encryption, group, Hardware, international, mandiant, microsoft, network, ntlm, phishing, risk, service, supply-chain, theft, threat, vulnerability, windowspass-the-hash. The benefit is time and money saved: Mandiant reckons its rainbow table allows the recovery of an NTLMv1 key in 12 hours using a computer costing $600, rather than relying on third party services or expensive hardware to brute-force the keys.None of this makes NTLMv1 less secure or easier to target than it already…
-
Ransomware attack on Ingram Micro impacts 42,000 individuals
Tags: apple, attack, cisco, cybersecurity, data, data-breach, jobs, microsoft, ransomware, service, supply-chain, technologyIngram Micro says a ransomware attack exposed personal data of about 42,000 people, including names, birth dates, SSNs, and job-related details. Ingram Micro is a global technology distributor and supply-chain services company. It acts as a middleman between IT vendors (like Microsoft, Cisco, HP, Apple, and cybersecurity firms) and businesses, resellers, and service providers, helping…
-
Cop cops it after Copilot cops out: West Midlands police chief quits over AI hallucination
Craig Guildford banned Israeli fans based on Microsoft’s match report, told MPs ‘we don’t use AI,’ then discovers… they did First seen on theregister.com Jump to article: www.theregister.com/2026/01/19/copper_chief_cops_it_after/
-
Microsoft Issues Emergency Fix After Some Windows 11 Systems Can’t Shut Down
The fix is for a bug that prevents some systems from shutting down, while another bug that prevents hibernation has no workaround yet. The post Microsoft Issues Emergency Fix After Some Windows 11 Systems Can’t Shut Down appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-windows-11-shutdown-bug/
-
Windows 11 shutdown bug forces Microsoft into outband damage control
Ships emergency update to fix a Patch Tuesday misfire that prevented systems from switching off First seen on theregister.com Jump to article: www.theregister.com/2026/01/19/windows_11_shutdown_bug/
-
Attackers Abuse WSL2 to Operate Undetected on Windows Systems
Windows Subsystem for Linux (WSL) has transformed the developer experience on Windows. However, it has also quietly created a powerful hiding place for attackers. With WSL2, Microsoft moved from lightweight translation to a whole virtual machine (VM) model. That architectural change gives adversaries a semi-isolated Linux environment running inside Hyper”‘V that is rarely monitored by…
-
Notfall-Patch ist da: Microsoft patzt beim ersten Update 2026
Das Januar-Sicherheitsupdate für Windows 11 verursacht Probleme beim Herunterfahren und bei Remote-Verbindungen – nun ist Abhilfe da. First seen on golem.de Jump to article: www.golem.de/news/notfall-patch-ist-da-microsoft-patzt-beim-ersten-update-2026-2601-204319.html
-
How ‘Reprompt’ Attack Let Hackers Steal Data From Microsoft Copilot
Varonis found a “Reprompt” attack that let a single link hijack Microsoft Copilot Personal sessions and exfiltrate data; Microsoft patched it in January 2026. The post How ‘Reprompt’ Attack Let Hackers Steal Data From Microsoft Copilot appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-reprompt-attack-microsoft-copilot/
-
Microsoft January 2026 Security Update Triggers Credential Prompt Failures in Remote Desktop
Microsoft’s January 2026 security update has disrupted enterpriseRemote Desktopinfrastructure, triggering widespread credential prompt failures that prevent users from accessingAzure Virtual Desktopand Windows 365 environments. The problematic patch KB5074109, released January 13, 2026, introduced an authentication regression affecting Windows 11 versions 24H2 and 25H2 running builds 26100.7623 and 26200.7623. The issue manifests as immediate sign-in failures when…
-
Microsoft January 2026 Security Update Triggers Credential Prompt Failures in Remote Desktop
Microsoft’s January 2026 security update has disrupted enterpriseRemote Desktopinfrastructure, triggering widespread credential prompt failures that prevent users from accessingAzure Virtual Desktopand Windows 365 environments. The problematic patch KB5074109, released January 13, 2026, introduced an authentication regression affecting Windows 11 versions 24H2 and 25H2 running builds 26100.7623 and 26200.7623. The issue manifests as immediate sign-in failures when…
-
Microsoft releases OOB Windows updates to fix shutdown, Cloud PC bugs
Microsoft has released multiple emergency, out-of-band updates for Windows 10, Windows 11, and Windows Server to fix two issues caused by the January Patch Tuesday updates. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-releases-oob-windows-updates-to-fix-shutdown-cloud-pc-bugs/
-
Cyberkriminelle bringen Copilot zum Plaudern: Wie sie Microsofts KI austricksen, um an eure Daten zu gelangen
First seen on t3n.de Jump to article: t3n.de/news/cyberkriminelle-bringen-copilot-zum-plaudern-tricksen-microsoft-ki-aus-1725442/
-
Microsoft’s January Security Update of High-Risk Vulnerability Notice for Multiple Products
Overview On January 14, NSFOCUS CERT detected that Microsoft released the January Security Update patch, which fixed 112 security issues involving widely used products such as Windows, Microsoft Office, Microsoft SQL Server, Azure, etc., including high-risk vulnerability types such as privilege escalation and remote code execution. Among the vulnerabilities fixed by Microsoft’s monthly update this…The…
-
Some Windows PCs fail to shut down after January update
Microsoft has confirmed a new issue that prevents Windows 11 23H2 devices with System Guard Secure Launch enabled from shutting down. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/microsoft-some-windows-pcs-fail-to-shut-down-after-january-update/
-
Azure Identity Token Flaw Exposes Windows Admin Center to Tenant-Wide Breaches
Cymulate Research Labs discovered a high-severity authentication bypass vulnerability in Microsoft Windows Admin Centre’s Azure AD Single Sign-On implementation that enables attackers with local administrator access on a single machine to compromise any other Windows Admin Center-managed system within the same Azure tenant. The flaw, tracked as CVE-2026-20965, stems from improper validation of Proof-of-Possession (PoP) tokens…
-
Azure Identity Token Flaw Exposes Windows Admin Center to Tenant-Wide Breaches
Cymulate Research Labs discovered a high-severity authentication bypass vulnerability in Microsoft Windows Admin Centre’s Azure AD Single Sign-On implementation that enables attackers with local administrator access on a single machine to compromise any other Windows Admin Center-managed system within the same Azure tenant. The flaw, tracked as CVE-2026-20965, stems from improper validation of Proof-of-Possession (PoP) tokens…
-
One click is all it takes: How ‘Reprompt’ turned Microsoft Copilot into data exfiltration tools
What devs and security teams should do now: As in usual security practice, enterprise users should always treat URLs and external inputs as untrusted, experts advised. Be cautious with links, be on the lookout for unusual behavior, and always pause to review pre-filled prompts.”This attack, like many others, originates with a phishing email or text…
-
Microsoft Copilot Studio extension for VS Code now publicly available
Tags: microsoftMicrosoft announced that the Copilot Studio extension for the Visual Studio Code (VS Code) integrated development environment is now available to all users. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-copilot-studio-extension-for-vs-code-now-publicly-available/
-
Microsoft taps UK courts to dismantle cybercrime host RedVDS
Redmond says cheap virtual desktops powered a global wave of phishing and fraud First seen on theregister.com Jump to article: www.theregister.com/2026/01/15/microsoft_uk_courts_redvds/
-
Vom Datenchaos zur Datenherrschaft in hybriden Microsoft-Umgebungen – Single Source of Trust im Identitätsmanagement
Tags: microsoftFirst seen on security-insider.de Jump to article: www.security-insider.de/single-source-of-trust-im-identitaetsmanagement-a-c3c8fec329fe15689ef7d60c29991d22/
-
Microsoft Legal Action Disrupts RedVDS Cybercrime Infrastructure Used for Online Fraud
Microsoft on Wednesday announced that it has taken a “coordinated legal action” in the U.S. and the U.K. to disrupt a cybercrime subscription service called RedVDS that has allegedly fueled millions in fraud losses.The effort, per the tech giant, is part of a broader law enforcement effort in collaboration with law enforcement authorities that has…
-
Schlag gegen Cyberkriminelle in Deutschland
Tags: cybercrime, germany, infrastructure, Internet, mail, microsoft, phishing, software, usa, windowsInternationalen Ermittlern und Microsoft ist ein Schlag gegen die Infrastruktur des Cybercrime-Dienst RedVDS gelungen. Die Server standen auch in Deutschland.In einer konzertierten Aktion haben Strafverfolgungsbehörden in Deutschland, den USA und Großbritannien zusammen mit Microsoft den globalen Cyberkriminalitätsdienst RedVDS zerschlagen. Das bestätigten die Zentralstelle für Internet- und Computerkriminalität (ZIT) bei der Generalstaatsanwaltschaft in Frankfurt sowie das Landeskriminalamt…
-
Microsoft shuts down RedVDS cybercrime subscription service tied to millions in fraud losses
Microsoft has announced a coordinated legal action in the United States and the United Kingdom to disrupt RedVDS, a global cybercrime subscription service tied to large-scale … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/15/microsoft-shuts-down-redvds-cybercrime-subscription-service/
-
Microsoft disrupts massive RedVDS cybercrime virtual desktop service
Microsoft announced on Wednesday that it disrupted RedVDS, a massive cybercrime platform linked to at least $40 million in reported losses in the United States alone since March 2025. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/microsoft-seizes-servers-disrupts-massive-redvds-cybercrime-platform/
-
Microsoft, Law Enforcement Disrupt RedVDS Global Cybercrime Service
Microsoft and law enforcement agencies in Europe disrupted the operations of RedVDS, a global cybercrime service that sold cheap and disposable dedicated virtual servers to threat actors that used them to run BEC, phishing, and other fraud campaigns. The vendor now wants to shut down its payment networks and find the operators behind it. First…
-
Microsoft Disrupts Cybercrime Service RedVDS
RedVDS, a cybercrime-as-a-service operation that has stolen millions from victims, lost two domains to a law enforcement operation supported by Microsoft. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/microsoft-disrupts-cybercrime-service-redvds
-
Microsoft Copilot Reprompt Attack Enables Stealthy Data Exfiltration
Reprompt is a one-click Microsoft Copilot attack that could enable silent data exfiltration, though Microsoft says it’s now patched. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/artificial-intelligence/microsoft-copilot-reprompt-attack-enables-stealthy-data-exfiltration/
-
Microsoft disrupts RedVDS cybercrime platform behind $40 million in scam losses
Microsoft and law enforcement partners took down a popular cybercriminal subscription service called RedVDS that was used to enable more than $40 million in fraud losses in the United States alone. First seen on therecord.media Jump to article: therecord.media/microsoft-redvds-cybercrime-scam