Collecting Cyber-News from over 60 sources

Tag: microsoft

ClickFix-Angriffsvariante ConsentFix: So tricksen Hacker Microsoft-Konten aus

Jan 12, 2026 3:02 PM

Tags: hacker, mfa, microsoft

Durch diesen Trick erhalten die Angreifer den OAuth-Schlüssel und können eine Verbindung zwischen ihrem eigenen System und dem Microsoft-Konto des Opfers herstellen ohne Passwortdiebstahl oder Umgehung der Multi-Faktor-Authentifizierung. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/clickfix-angriffsvariante-consentfix-so-tricksen-hacker-microsoft-konten-aus/a43332/
Support-Ende Windows 10 & Co – Diese Produkte hat Microsoft 2025 ausgemustert

Jan 12, 2026 2:02 PM

Tags: microsoft, windows

First seen on security-insider.de Jump to article: www.security-insider.de/microsoft-support-ende-ausmusterung-2025-windows-10-a-00435335eb106f9183afe292c693fbf8/
Windows 11: IT-Admins dürfen Copilot wohl bald per Richtlinie entfernen

Jan 12, 2026 12:02 PM

Tags: microsoft, windows

Microsoft testet eine neue Richtlinie, mit der IT-Admins Copilot von verwalteten Geräten entfernen können. Doch es gibt Einschränkungen. First seen on golem.de Jump to article: www.golem.de/news/windows-11-insider-preview-admins-koennen-copilot-app-per-richtlinie-entfernen-2601-204058.html
Windows 11 Insider Preview: Admins können Copilot-App per Richtlinie entfernen

Jan 12, 2026 11:01 AM

Tags: microsoft, windows

Microsoft testet eine neue Richtlinie, mit der IT-Admins Copilot von verwalteten Geräten entfernen können. Doch es gibt Einschränkungen. First seen on golem.de Jump to article: www.golem.de/news/windows-11-insider-preview-admins-koennen-copilot-app-per-richtlinie-entfernen-2601-204058.html
Trotz Kritik und möglicher Sicherheitsrisiken – Microsoft treibt agentenbasiertes Windows 11 weiter voran

Jan 12, 2026 8:01 AM

Tags: microsoft, windows

First seen on security-insider.de Jump to article: www.security-insider.de/windows-11-ki-entfernen-skript-a-bb4cc6faef3011bbdadc0d99c8dced77/
EDRStartupHinder: Blocks Antivirus EDR at Windows 11 25H2 Startup (Defender Included)

Jan 12, 2026 7:01 AM

Tags: antivirus, api, cyber, cybersecurity, detection, edr, endpoint, exploit, microsoft, software, startup, tool, windows

A cybersecurity researcher has unveiled EDRStartupHinder, a proof-of-concept tool that prevents antivirus and endpoint detection and response (EDR) solutions from launching during Windows startup, including Microsoft Defender on Windows 11 25H2. The technique exploits Windows Bindlink API functionality through the bindflt.sys driver to interfere with security software initialization. The tool builds on previous research into Bindlink…
Microsoft is retiring ‘Send to Kindle’ in Word

Jan 11, 2026 5:01 AM

Tags: microsoft

Microsoft is retiring a feature that allowed you to send your documents to Kindle straight from Microsoft Word. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-is-retiring-send-to-kindle-in-word/
Microsoft Windows Media Player stops serving up CD album info

Jan 10, 2026 1:01 PM

Tags: microsoft, windows

No naming that tune and no album covers First seen on theregister.com Jump to article: www.theregister.com/2026/01/09/microsoft_windows_media_player_forgets/
ZombieAgent ChatGPT attack shows persistent data leak risks of AI agents

Jan 10, 2026 1:01 AM

Tags: ai, attack, backdoor, chatgpt, cloud, data, email, injection, leak, LLM, malicious, microsoft, openai, risk, service, tool, vulnerability, worm

Worm-like propagation: The email attack even has worming capabilities, as the malicious prompts could instruct ChatGPT to scan the inbox, extract addresses from other email messages, exfiltrate those addresses to the attackers using the URL trick, and send similar poisoned messages to those addresses as well.If the victim is the employee of an organization that…
Microsoft may soon allow IT admins to uninstall Copilot

Jan 9, 2026 10:01 PM

Tags: ai, microsoft

Microsoft is testing a new policy that allows IT administrators to uninstall the AI-powered Copilot digital assistant on managed devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-may-soon-allow-it-admins-to-uninstall-copilot-on-managed-devices/
Microsoft Introduces Teams External Collaboration Administrator Role

Jan 9, 2026 7:02 PM

Tags: cyber, microsoft

Microsoft is expanding its administrative capabilities in Teams by introducing a new built-in role called Teams External Collaboration Administrator. This specializedRBACrole enables organizations to delegateexternal collaborationmanagement without granting full Teams admin permissions. Rollout Timeline The new role will begin rolling out in late January 2026 and is expected to be fully available worldwide by mid-February…
Termine 2026 – Wann ist Microsoft Patchday?

Jan 9, 2026 5:01 PM

Tags: microsoft

First seen on security-insider.de Jump to article: www.security-insider.de/microsoft-patchday-patch-tuesday-updates-2026-a-bf5209034d0a406e70e4c8dbe0d18762/
Breach Roundup: Firewalls Headed for Obsolescence

Jan 9, 2026 1:01 PM

Tags: breach, browser, chrome, firewall, flaw, infrastructure, malicious, microsoft

Also, Sedgwick Confirms Breach, Romanian Power Firm Hit, D-Link Flaws Exploited. This week, Moody’s said firewalls will be obsolete, Romanian critical infrastructure hacked, Sedgwick breach and a D-Link DSL flaw. Finland seized the Fitburg. Microsoft said Direct Send not to blame for Exchange phishing. Malicious Chrome extensions, European hotels targeted and health breaches. First seen…
Kölner Gutachten stellt Microsoft-Nutzung infrage – Kürzungen bei Familien, Milliarden für Microsoft?

Jan 9, 2026 1:01 PM

Tags: microsoft

First seen on security-insider.de Jump to article: www.security-insider.de/us-behoerden-zugriff-europaeische-cloud-daten-microsoft-sicherheit-a-66959c9a0efc9f7469eb1c6cd8be82a8/
January 2026 Patch Tuesday forecast: And so it continues

Jan 9, 2026 10:01 AM

Tags: microsoft, update

Welcome to a new year of my Patch Tuesday forecast blog where I provide a summary of Microsoft and other vendor’s security patch activity (and reported issues) for the month, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/09/january-2026-patch-tuesday-forecast/
Microsoft Mandates MFA for Microsoft 365 Admin Center Access

Jan 9, 2026 7:01 AM

Tags: cloud, cyber, login, mfa, microsoft, password

Microsoft is tightening security for its cloud customers by makingmulti-factor authenticationmandatory for anyone accessing the Microsoft 365 admin center, effectively ending password-only logins forhigh-privilegeadmin portals. The enforcement will fully kick in on February 9, 2026, following a phased rollout that began in early 2025. Deadline and enforcement scope Under the new policy, admin users who…
Breach Roundup: Firewalls Headed for Obsolesce

Jan 8, 2026 11:01 PM

Tags: breach, browser, chrome, firewall, flaw, infrastructure, malicious, microsoft

Also, Sedgwick Confirms Breach, Romanian Power Firm Hit, D-Link Flaws Exploited. This week, Moody’s said firewalls will be obsolete, Romanian critical infrastructure hacked, Sedgwick breach and a D-Link DSL flaw. Finland seized the Fitburg. Microsoft said Direct Send not to blame for Exchange phishing. Malicious Chrome extensions, European hotels targeted and health breaches. First seen…
The 2 faces of AI: How emerging models empower and endanger cybersecurity

Jan 8, 2026 8:02 PM

Tags: ai, api, attack, compliance, credentials, cyber, cybersecurity, data, deep-fake, defense, detection, endpoint, espionage, exploit, finance, flaw, framework, GDPR, google, governance, government, group, guide, hacker, HIPAA, incident response, injection, intelligence, LLM, malicious, malware, mandiant, microsoft, network, PCI, penetration-testing, privacy, risk, russia, scam, security-incident, service, social-engineering, strategy, tactics, threat, tool, vulnerability, zero-day

Self-modifying, evasive malware More recently, the researchers at Google Threat Intelligence Group (GTIG) identified a disturbing new trend: malware that uses LLMs during execution to dynamically alter its own behavior and evade detection. This is not pre-generated code, this is code that adapts mid-execution.In June 2025, GTIG identified an experimental malware called PROMPTFLUX, which connects…
The 2 faces of AI: How emerging models empower and endanger cybersecurity

Jan 8, 2026 8:02 PM

Tags: ai, api, attack, compliance, credentials, cyber, cybersecurity, data, deep-fake, defense, detection, endpoint, espionage, exploit, finance, flaw, framework, GDPR, google, governance, government, group, guide, hacker, HIPAA, incident response, injection, intelligence, LLM, malicious, malware, mandiant, microsoft, network, PCI, penetration-testing, privacy, risk, russia, scam, security-incident, service, social-engineering, strategy, tactics, threat, tool, vulnerability, zero-day

Self-modifying, evasive malware More recently, the researchers at Google Threat Intelligence Group (GTIG) identified a disturbing new trend: malware that uses LLMs during execution to dynamically alter its own behavior and evade detection. This is not pre-generated code, this is code that adapts mid-execution.In June 2025, GTIG identified an experimental malware called PROMPTFLUX, which connects…
New OAuth Attack Lets Hackers Bypass Microsoft Entra Authentication and Steal Keys

Jan 8, 2026 7:02 PM

Tags: access, attack, authentication, cyber, cybersecurity, hacker, microsoft, social-engineering, threat

In a year-end tradition that has become all too familiar for cybersecurity defenders, researchers have uncovered a novel attack vector targeting Microsoft Entra ID that weaponizes legitimate OAuth 2.0 authentication flows to harvest privileged access tokens. The technique, dubbed >>ConsentFix<< by PushSecurity, represents an evolution of the ClickFix social engineering paradigm, enabling threat actors to…
How Attackers Hide Processes by Abusing Kernel Patch Protection

Jan 8, 2026 7:02 PM

Tags: api, cyber, data, malicious, microsoft, monitoring, tool, update, windows

Security researchers have identified a sophisticated technique that allows attackers to hide malicious processes from Windows Task Manager and system monitoring tools, even on systems with Microsoft’s most advanced kernel protections enabled. The bypass leverages legitimate Windows APIs to manipulate core data structures before integrity checks can detect tampering, circumventing both PatchGuard and Hypervisor-Protected Code…
Phishing-Angreifer setzen vermehrt auf E-Mail-Routing-Lücken

Jan 8, 2026 4:01 PM

Tags: 2fa, authentication, business, cyberattack, dmarc, dns, email, framework, infrastructure, intelligence, mail, mfa, microsoft, password, phishing, risk, service, spam, threat

Angreifer missbrauchen falsch konfigurierte Richtlinien, um Phishing-E-Mails wie interne E-Mails aussehen zu lassen, Filter zu umgehen und Anmeldedaten zu stehlen.Das Threat Intelligence Team von Microsoft hat kürzlich festgestellt, dass Angreifer zunehmend komplexe E-Mail-Weiterleitungen und falsch konfigurierte Domain-Spoofing-Schutzmaßnahmen ausnutzen. Dabei lassen sie ihre Phishing-Nachrichten so aussehen, als würden sie von den angegriffenen Organisationen selbst stammen.In den…
Phishing Attacks Exploit Misconfigured Email Routing Settings to Target Microsoft 365 Users

Jan 8, 2026 4:01 PM

Tags: attack, email, exploit, microsoft, phishing

Misconfigurations abused to make phishing emails look like they come from within the organization First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/phishing-exploits-misconfigured/
Microsoft Exchange Online outage blocks access to mailboxes via IMAP4

Jan 8, 2026 3:01 PM

Tags: access, Internet, microsoft, service

Microsoft is working to fix an Exchange Online service outage that intermittently prevents users from accessing their mailboxes via the Internet Mailbox Access Protocol 4 (IMAP4). First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-exchange-online-outage-blocks-access-to-mailboxes-via-imap4/
Microsoft to enforce MFA for Microsoft 365 admin center sign-ins

Jan 8, 2026 2:01 PM

Tags: authentication, mfa, microsoft

Microsoft will start enforcing multi-factor authentication (MFA) for all users accessing the Microsoft 365 admin center starting next month. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-to-enforce-mfa-for-microsoft-365-admin-center-sign-ins/
U.S. CISA adds HPE OneView and Microsoft Office PowerPoint flaws to its Known Exploited Vulnerabilities catalog

Jan 8, 2026 1:01 PM

Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, microsoft, office, vulnerability

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds HPE OneView and Microsoft Office PowerPoint flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added HPE OneView and Microsoft Office PowerPoint flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: CVE-2009-0556 is a memory corruption flaw…
BlueDelta Hackers Target Microsoft OWA, Google, and Sophos VPN to Steal Credentials

Jan 8, 2026 10:01 AM

Tags: credentials, cyber, google, group, hacker, infrastructure, microsoft, russia, sophos, theft, threat, vpn

A sophisticated credential-harvesting operation conducted by BlueDelta, a Russian state-sponsored threat group linked to the GRU’s Main Directorate, targeted critical infrastructure organizations and research institutions throughout 2025, according to a comprehensive investigation by Recorded Future’s Insikt Group. The campaign, spanning February through September 2025, represents a significant evolution in the group’s persistent credential-theft operations, with…
CISA Flags Microsoft Office and HPE OneView Bugs as Actively Exploited

Jan 8, 2026 8:01 AM

Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, injection, kev, microsoft, office, vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added two security flaws impacting Microsoft Office and Hewlett Packard Enterprise (HPE) OneView to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.The vulnerabilities are listed below -CVE-2009-0556 (CVSS score: 8.8) – A code injection vulnerability in Microsoft Office First seen on thehackernews.com…
Phishers Exploit Office 365 Users Who Let Their Guard Down

Jan 8, 2026 12:01 AM

Tags: exploit, microsoft, office, phishing

Microsoft said that Office 365 tenants with weak configurations and who don’t have strict anti-spoofing protection enabled are especially vulnerable. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/phishers-exploit-office-365-users-guard-down
Threat Actors Exploit Google Cloud Services to Steal Microsoft 365 Credentials

Jan 7, 2026 10:02 PM

Tags: cloud, credentials, cyber, cybersecurity, email, exploit, google, infrastructure, malicious, microsoft, phishing, service, threat

A sophisticated phishing campaign is exploiting Google Cloud infrastructure to bypass email security filters and steal Microsoft 365 credentials, demonstrating how attackers increasingly abuse trusted cloud platforms to lend legitimacy to their malicious activities. Cybersecurity researchers at Check Point have uncovered a large-scale operation targeting approximately 3,200 organizations, resulting in over 9,300 phishing emails over…