Tag: microsoft
-
Fake MAS Windows activation domain used to spread PowerShell malware
A typosquatted domain impersonating the Microsoft Activation Scripts (MAS) tool was used to distribute malicious PowerShell scripts that infect Windows systems with the ‘Cosmali Loader’. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fake-mas-windows-activation-domain-used-to-spread-powershell-malware/
-
Microsoft Teams to let admins block external users via Defender portal
Tags: microsoftMicrosoft announced that security administrators will soon be able to block external users from sending messages, calls, or meeting invitations to members of their organization via Teams. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-teams-to-let-admins-block-external-users-via-defender-portal/
-
Israeli Organizations Targeted by AV-Themed Malicious Word and PDF Files
SEQRITE Labs’ Advanced Persistent Threat (APT) Team has uncovered a sophisticated campaign targeting Israeli organizations through weaponized Microsoft Word and PDF documents disguised as legitimate antivirus software. The operation, tracked as UNG0801 or >>Operation IconCat,
-
Microsoft Enhances BitLocker with Hardware Acceleration Support
Microsoft has officially announced a major upgrade to its encryption technology with the introduction of hardware-accelerated BitLocker. Revealed by Microsoft’s Rafal Sosnowski following the Ignite conference, this new feature is designed to solve performance bottlenecks that have plagued high-speed storage drives, ensuring that users no longer have to choose between robust security and system speed.…
-
Microsoft rolls out hardware-accelerated BitLocker in Windows 11
Microsoft is rolling out hardware-accelerated BitLocker in Windows 11 to address growing performance and security concerns by leveraging the capabilities of system-on-a-chip and CPU. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/microsoft-rolls-out-hardware-accelerated-bitlocker-in-windows-11/
-
Interpol sweep takes down cybercrooks in 19 countries
Tags: access, antivirus, attack, botnet, business, china, cyber, cyberattack, cybercrime, cybersecurity, data, defense, email, encryption, finance, fraud, group, incident response, infrastructure, intelligence, international, interpol, law, malicious, malware, microsoft, ransomware, russia, scam, service, theft, threatA ‘very good thing’: The fact that the same operation broke ransomware operations and a business email compromise (BEC) operation is “unique,” said DiMaggio, because most people think of Africa as the source of BEC and fraud scams.The fact that authorities are working to disrupt ransomware operations in Africa before they grow to the size…
-
Microsoft wants to replace its entire C and C++ codebase, perhaps by 2030
Plans move to Rust, with help from AI First seen on theregister.com Jump to article: www.theregister.com/2025/12/24/microsoft_rust_codebase_migration/
-
Microsoft rushes an outband update for Message Queuing bug
Redmond gets in early for the twelve whoopsies of Christmas First seen on theregister.com Jump to article: www.theregister.com/2025/12/23/microsoft_fixes_message_queuing_issue/
-
Best of 2025: Microsoft’s January 2025 Patch Tuesday Addresses 157 CVEs (CVE-2025-21333, CVE-2025-21334, CVE-2025-21335)
10Critical 147Important 0Moderate 0Low Microsoft addresses 157 CVEs in the first Patch Tuesday release of 2025 and the largest Patch Tuesday update ever with three CVEs exploited in the wild, and five CVEs publicly disclosed prior to patches being made available. Microsoft patched 157 CVEs in its January 2025 Patch Tuesday release, with 10 rated..…
-
Microsoft Teams strengthens messaging security by default in January
Microsoft Teams will automatically enable messaging safety features by default in January to strengthen defenses against content tagged as malicious. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-teams-strengthens-messaging-security-by-default-in-january/
-
Neue Angriffswelle auf Microsoft 365-Konten
Sicherheitsforscher von Proofpoint warnen vor einer deutlichen Zunahme von Phishing-Kampagnen, die den legitimen Geräteautorisierungsprozess von Microsoft ausnutzen. Seit September 2025 beobachten die Experten großflächige Angriffe zur Kontoübernahme. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/angriffswelle-auf-microsoft-365
-
Windows-Denial-ofSchwachstellen – 0patch schließt RasMan-Absturzlücke vor Microsoft
First seen on security-insider.de Jump to article: www.security-insider.de/windows-rasman-dos-0patch-micropatch-a-a7bfa24afde773245a9432273de24759/
-
SideWinder APT Launches Cyberattacks on Indian Entities Posing as the Income Tax Department
Zscaler Threat Hunting has identified a sophisticated espionage campaign targeting Indian entities through fraudulent >>Income Tax Department
-
Microsoft Brokering File System Vulnerability Enables Local Privilege Escalation
Microsoft has addressed a critical use-after-free vulnerability in its Brokering File System (BFS) driver that could allow attackers to escalate privileges on Windows systems. Tracked as CVE-2025-29970, the security flaw affects the bfs.sys component and was discovered by security researchers at HT3Labs. Vulnerability Overview The Brokering File System, introduced alongside Windows’ Win32 App Isolation feature…
-
Der Cloud zu vertrauen, reicht nicht aus – Sieben Gründe, warum Unternehmen Microsoft-365-Backups brauchen
First seen on security-insider.de Jump to article: www.security-insider.de/sieben-gruende-warum-unternehmen-microsoft-365-backups-brauchen-a-6f44269b3effe6d09a2d568e060c47d2/
-
Termine – Das war der Microsoft Patchday 2025
Tags: microsoftFirst seen on security-insider.de Jump to article: www.security-insider.de/microsoft-patchday-2025-patch-tuesday-a-12587d100d02b61d2169217bdfbcc38b/
-
Podcast: Die IT-Tops und -Flops 2025
Tags: ai, cio, jobs, malware, microsoft, nis-2, open-source, ransomware, software, vulnerability-managementDie Redaktion von Computerwoche, CIO und CSO sieht das IT-Jahr 2025 mit gemischten Gefühlen zu Ende gehen.Ein turbulentes Jahr 2025 neigt sich dem Ende zu. Es war geprägt von wirtschaftlicher Unsicherheit, geopolitischen Spannungen und dem ungebremsten Siegeszug der Künstlichen Intelligenz. Grund genug für die Redaktion von Computerwoche, CIO und CSO, in der letzten TechTalk-Podcast-Folge des…
-
Microsoft Teams Outage Causes Global Messaging Delays and Service Interruptions
Microsoft Teams users worldwide experienced significant service disruptions on December 20, 2025, as the collaboration platform encountered widespread issues affecting messaging functionality and other critical service operations. The company has acknowledged the incident and is actively investigating the root cause. According to Microsoft 365 Status updates, users reported experiencing delays in message delivery and problems…
-
Microsoft Teams Outage Causes Global Messaging Delays and Service Interruptions
Microsoft Teams users worldwide experienced significant service disruptions on December 20, 2025, as the collaboration platform encountered widespread issues affecting messaging functionality and other critical service operations. The company has acknowledged the incident and is actively investigating the root cause. According to Microsoft 365 Status updates, users reported experiencing delays in message delivery and problems…
-
Surge of OAuth Device Code Phishing Attacks Targets M365 Accounts
Financially motivated and nation-state threat groups are behind a surge in the use of device code phishing attacks that abuse Microsoft’s legitimate OAuth 2.0 device authorization grant flow to trick users into giving them access to their M365 accounts, Proofpoint researchers say. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/surge-of-oauth-device-code-phishing-attacks-targets-m365-accounts/
-
Cloud Atlas Exploits Office Vulnerabilities to Execute Malicious Code
The Cloud Atlas threat group, active since 2014, continues to pose a significant risk to organizations in Eastern Europe and Central Asia through sophisticated attacks leveraging legacy Microsoft Office vulnerabilities. Security researchers have documented the group’s expanded arsenal and evolving infection chains deployed throughout the first half of 2025, revealing previously undescribed implants and attack…
-
Microsoft confirms Teams is down and messages are delayed
Tags: microsoftMicrosoft Teams is experiencing issues, with thousands reporting problems sending messages, including delays. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-confirms-teams-is-down-and-messages-are-delayed/
-
Russia-Linked Hackers Use Microsoft 365 Device Code Phishing for Account Takeovers
Tags: attack, authentication, credentials, email, government, group, hacker, microsoft, phishing, russiaA suspected Russia-aligned group has been attributed to a phishing campaign that employs device code authentication workflows to steal victims’ Microsoft 365 credentials and conduct account takeover attacks.The activity, ongoing since September 2025, is being tracked by Proofpoint under the moniker UNK_AcademicFlare.The attacks involve using compromised email addresses belonging to government First seen on thehackernews.com…
-
Nigeria arrests dev of Microsoft 365 ‘Raccoon0365’ phishing platform
The Nigerian police have arrested three individuals linked to targeted Microsoft 365 cyberattacks via Raccoon0365 phishing-as-a-service. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/nigeria-arrests-dev-of-microsoft-365-raccoon0365-phishing-platform/
-
Nigeria arrests suspected RaccoonO365 phishing kit developer on tip from Microsoft, FBI
One of the alleged developers behind the RaccoonO365 subscription-based phishing kit was arrested by Nigerian police this week. First seen on therecord.media Jump to article: therecord.media/nigeria-raccoon-developer-tip
-
CultureAI Selected for Microsoft’s Agentic Launchpad Initiative to Advance Secure AI Usage
UK-based AI safety and governance company CultureAI has been named as one of the participants in Microsoft’s newly launched Agentic Launchpad, a technology accelerator aimed at supporting startups working on advanced AI systems. The inclusion marks a milestone for CultureAI’s growth and signals broader industry interest in integrating AI safety and usage control into emerging…
-
Microsoft 365 accounts targeted in wave of OAuth phishing attacks
Multiple threat actors are compromising Microsoft 365 accounts in phishing attacks that leverage the OAuth device code authorization mechanism. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/microsoft-365-accounts-targeted-in-wave-of-oauth-phishing-attacks/
-
Microsoft-Konto gekapert: Hacker entwickeln Cyberangriffe mit Captchas weiter so schützt du dich
First seen on t3n.de Jump to article: t3n.de/news/microsoft-konto-gekapert-hacker-cyberangriffe-captchas-weiterentwickelt-1722368/

