Tag: microsoft
-
Chinese Threat Actors Exploit ToolShell SharePoint Flaw Weeks After Microsoft’s July Patch
Tags: breach, china, country, exploit, flaw, government, microsoft, middle-east, technology, threat, update, usa, vulnerability
Threat actors with ties to China exploited the ToolShell security vulnerability in Microsoft SharePoint to breach a telecommunications company in the Middle East after it was publicly disclosed and patched in July 2025. Also targeted were government departments in an African country, as well as government agencies in South America, a university in the U.S., as…
-
Versa Creates Comprehensive SASE Solution by Integrating Microsoft-EntraAccess
An automated integration of Versa Secure SD-WAN with Microsoft Entra Internet Access, a component of Microsoft's Security Service Edge (SSE) solution, is now available. The result is a complete, easy-to-manage SASE solution that offers comprehensive security with optimized performance for distributed sites. Unlike many template-based integrations, Versa's application-aware SD-WAN is now one of the few SD-WAN offerings in the…
-
Hackers Exploit Microsoft 365 Direct Send to Evade Filters and Steal Data
Cybercriminals are increasingly exploiting a legitimate Microsoft 365 feature designed for enterprise convenience, turning Exchange Online’s Direct Send into a dangerous vector for phishing campaigns and business email compromise attacks. Security researchers across the industry are sounding the alarm as malicious actors leverage this trusted pathway to bypass authentication checks and deliver convincing internal-looking messages…
-
Sharepoint ToolShell attacks targeted orgs across four continents
Hackers believed to be associated with China have leveraged the ToolShell vulnerability (CVE-2025-53770) in Microsoft SharePoint in attacks targeting government agencies, universities, telecommunication service providers, and finance organizations. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/sharepoint-toolshell-attacks-targeted-orgs-across-four-continents/
-
Windows Server Update Service (WSUS) Remote Code Execution Vulnerability (CVE-2025-59287) Notice
Overview: Recently, NSFOCUS CERT detected that Microsoft released a security update that fixed the Windows Server Update Service (WSUS) remote code execution vulnerability (CVE-2025-59287). Because WSUS’s GetCookie does not perform type verification when processing objects, an unauthenticated attacker can achieve remote code execution by deserializing malicious data to control the target server. The CVSS score…The…
-
CAASM and EASM: Top 12 attack surface discovery and management tools
Tags: access, ai, api, attack, automation, blockchain, business, cloud, control, corporate, credentials, cyber, cybersecurity, dark-web, data, data-breach, detection, dns, endpoint, exploit, framework, guide, hacking, HIPAA, incident response, infrastructure, intelligence, Internet, leak, marketplace, microsoft, monitoring, network, open-source, PCI, risk, risk-assessment, service, soc, software, supply-chain, technology, threat, tool, update, vulnerability
CAASM and EASM tools for attack surface discovery and management: Periodic scans of the network are no longer sufficient for maintaining a hardened attack surface. Continuous monitoring for new assets and configuration drift are critical to ensure the security of corporate resources and customer data. New assets need to be identified and incorporated into the monitoring…
-
Ransomware Attacks Escalate in APAC Targeting VPN Flaws, Microsoft 365 Logins, Python Scripts
The Asia-Pacific (APAC) region is seeing a rapid surge in the number of cyberattacks aimed at its enterprises, a new report suggests. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/ransomware-targets-apac-region/
-
After Update: Annoying Login Problems on Windows 11
Windows Server 2025 is also affected. A patch is not expected. Microsoft holds admins responsible for cloning their systems correctly. First seen on golem.de Jump to article: www.golem.de/news/nach-update-nervige-anmeldeprobleme-unter-windows-11-2510-201407.html
-
Microsoft Fixes Vulnerability with the Highest Severity Score of All Time
First seen on t3n.de Jump to article: t3n.de/news/microsoft-behebt-sicherheitsluecke-mit-hoechstem-gefahren-score-aller-zeiten-1713086/
-
AWS Outage: Lessons Learned
What can we learn from the recent AWS outage, and how can we apply those lessons to our own infrastructure? What Happened? On October 20, 2025, AWS experienced a major disruption that rippled across the internet (and social media), affecting widely used services such as Zoom, Microsoft Teams, Slack, and Atlassian. The issue originated not…
-
The Many Shapes of Identity: Inside IAM 360, Issue 3
Tags: access, ai, business, cloud, communications, compliance, container, cybersecurity, data, deep-fake, encryption, guide, iam, identity, infrastructure, intelligence, microsoft, passkey, password, risk, software, strategy, technology, threat
josh.pearson@t… Tue, 10/21/2025 – 17:27 The new issue of IAM 360 is here! In this issue, we take on a theme that shows how identity never stands still, reshaping how we live and work as it evolves. We call it Form Factor. Why Form Factor?…
-
CISA Flags Highly Exploitable Windows SMB Flaw
Tags: attack, cisa, cybersecurity, exploit, flaw, infrastructure, microsoft, mitigation, network, ntlm, windows
NTLM Reflection Attack Strikes Again. A three-month-old flaw in a network protocol for file sharing used by Microsoft is under active exploitation, warns the U.S. Cybersecurity and Infrastructure Security Agency. The flaw’s exploitation bypasses mitigations Microsoft has built over the years to prevent NTLM reflection attacks. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/cisa-flags-highly-exploitable-windows-smb-flaw-a-29778
-
Recent Windows updates cause login issues on some PCs
Microsoft has confirmed that Windows updates released since August 29, 2025, are breaking authentication on systems sharing Security Identifiers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-recent-windows-updates-cause-login-issues-on-pcs-sharing-security-ids/
-
MIND upgrades endpoint DLP (and more!)
Tags: ai, automation, business, cloud, compliance, control, credentials, data, endpoint, google, healthcare, identity, leak, microsoft, okta, phone, risk, service, threat
MIND Flight 1021 with service to Stress-Free DLP is now boarding. All ticketed and confirmed passengers should make their way to the boarding gate at this time. The airport hums with noise. Rolling suitcases bump over tile floors, boarding announcements echo through speakers and the line at TSA snakes endlessly ahead. You shift your weight…
-
CISA warns of Windows SMB flaw under active exploitation (CVE-2025-33073)
CVE-2025-33073, a Windows SMB Client vulnerability that Microsoft fixed in June 2025, is being exploited by attackers. The confirmation comes from the Cybersecurity and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/21/cisa-warns-of-windows-smb-flaw-under-active-exploitation-cve-2025-33073/
-
Microsoft 365 Copilot Flaw Lets Hackers Steal Sensitive Data via Indirect Prompt Injection
A vulnerability in Microsoft 365 Copilot allowed attackers to trick the AI assistant into fetching and exfiltrating sensitive tenant data by hiding instructions in a document. The AI then encoded the data into a malicious Mermaid diagram that, when clicked, sent the stolen information to an attacker’s server. When Microsoft 365 Copilot was asked to…
-
From Reactive to Proactive: A New Jersey School District’s Google Microsoft Security Transformation
How Monmouth Regional High School District’s Tech Team Improved Cybersecurity and Student Safety Using Cloud Monitor At Monmouth Regional High School District in Eatontown, New Jersey, technology touches nearly every part of daily school life. The district serves about 945 students and 250 faculty and staff, all supported by a small but mighty IT team…
-
Security patch or self-inflicted DDoS? Microsoft update knocks out key enterprise functions
Tags: api, authentication, banking, control, cryptography, ddos, defense, flaw, government, microsoft, network, tool, update, windows
Malfunctioning devices, failed connections, and installation errors: Update KB5066835 can also cause USB devices, including keyboards and mice, to malfunction in WinRE, preventing navigation in recovery mode. However, the keyboard and mouse do continue to work normally within the Windows OS. Microsoft has now released an out-of-band update, KB5070773, to address the issue. Additionally, the security…
-
Microsoft fixes bug preventing users from opening classic Outlook
Microsoft has fixed a major bug preventing Microsoft 365 users from launching the classic Outlook email client on Windows systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-fixes-bug-preventing-users-from-opening-classic-outlook/
-
Decoding Microsoft 365 Audit Logs Using Bitfield Mapping: An Investigation Report
Understanding exactly how users authenticate to cloud services is crucial for effective security monitoring. A recently refined bitfield mapping technique decodes the opaque UserAuthenticationMethod values in Microsoft 365 audit logs, transforming numeric codes into actionable, human-readable descriptions. This breakthrough empowers incident responders to identify primary authentication methods even when only Microsoft 365 audit logs are…
-
Via Microsoft Sharepoint: Cyberattack Hits US Nuclear Weapons Manufacturer
Hackers have attacked a manufacturer of important US nuclear weapons components. The entry point was security vulnerabilities in Microsoft Sharepoint. First seen on golem.de Jump to article: www.golem.de/news/via-microsoft-sharepoint-cyberangriff-trifft-us-atomwaffenhersteller-2510-201379.html
-
CISOs’ security priorities reveal an augmented cyber agenda
Tags: access, ai, attack, authentication, automation, awareness, business, cio, ciso, cyber, cybersecurity, data, deep-fake, detection, edr, email, framework, governance, healthcare, incident response, intelligence, malware, microsoft, mssp, phishing, ransomware, risk, service, siem, soc, software, tactics, technology, threat, tool, training, usa, vulnerability, vulnerability-management, zero-trust
Consequently, 41% are planning to leverage AI to detect threats, for anomaly detection, and to automate security responses. Other respondents cited plans to leverage AI for malware detection and real-time risk prediction (39%), as well as DLP and improving enterprise system visibility. Further, 40% expect to see AI enhancements as part of their existing security systems,…
-
Reducing abuse of Microsoft 365 Exchange Online’s Direct Send
Cisco Talos has observed increased activity by malicious actors leveraging Direct Send as part of phishing campaigns. Here’s how to strengthen your defenses. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/reducing-abuse-of-microsoft-365-exchange-onlines-direct-send/
-
Windows 11 KB5070773 emergency update fixes Windows Recovery issues
Microsoft has released an emergency update to fix the Windows Recovery Environment (WinRE), which became unusable on systems with USB mice and keyboards after installing the October 2025 security updates. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-fixes-usb-issue-that-made-windows-recovery-unusable/

