Tag: microsoft
-
SesameOp: Novel Backdoor Abuses OpenAI API for C&C
Security researchers at Microsoft have come across a novel backdoor in the OpenAI Assistant API and named it SesameOp. This novel backdoor, which was used by an attacker, uses the OpenAI Assistant API to provide command-and-control functions for cyberattacks … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/11/22/sesameop-neuartige-backdoor-in-openai-api-fuer-cc-missbraucht/
-
Cybersecurity Snapshot: Global Agencies Target Criminal “Bulletproof” Hosts, as CSA Unveils Agentic AI Risk Framework
Tags: access, advisory, ai, android, apple, attack, banking, breach, browser, chrome, cisa, ciso, cloud, compliance, control, credentials, credit-card, crypto, cve, cyber, cybercrime, cybersecurity, data, defense, detection, endpoint, extortion, finance, firewall, firmware, flaw, framework, google, governance, government, group, guide, Hardware, ibm, identity, infection, infrastructure, international, Internet, law, linux, malicious, malware, microsoft, mobile, monitoring, network, open-source, oracle, password, phishing, radius, ransomware, rat, resilience, risk, risk-assessment, risk-management, russia, scam, service, software, switch, technology, threat, tool, update, vulnerability, windows
Cyber agencies call on ISPs to help combat “bulletproof” internet hosts that shield cybercriminals. Meanwhile, the CSA introduced a new methodology to assess the risks of autonomous AI. Plus, get the latest on the CIS Benchmarks, drone-detection systems, and malware infections. Key takeaways: Crackdown on “bulletproof” hosting: International cyber agencies are urging ISPs and network…
-
Recognizing and responding to cyber threats: What differentiates NDR, EDR and XDR
Tags: access, attack, automation, breach, cloud, communications, computer, cyber, cybersecurity, data, data-breach, defense, detection, edr, endpoint, firewall, intelligence, iot, malware, microsoft, monitoring, network, siem, software, sql, strategy, technology, threat, tool, windows
EDR identifies noticeable changes at the endpoint: EDR, the oldest of the three detection technologies, monitors endpoints to mitigate attacks on them. Endpoints are network devices such as PCs, file servers, smartphones and IoT devices that connect to the network to communicate. A software agent is used to inventory EDR malware and suspicious activity detected…
-
Microsoft Foundry ties in with Agent 365
Microsoft Foundry adds context, including model routing, and tightens governance for developers working on AI agents within its broader Agent 365 control plane. First seen on techtarget.com Jump to article: www.techtarget.com/searchsoftwarequality/news/366634569/Microsoft-Azure-AI-Foundry-ties-in-with-Agent-365
-
Out-of-band update fixes Windows 11 hotpatch install loop
Microsoft has released an out-of-band cumulative update to fix a known issue causing the November 2025 KB5068966 hotpatch update to reinstall on Windows 11 systems repeatedly. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-out-of-band-update-fixes-windows-11-hotpatch-install-loop/
-
Critical Azure Bastion Vulnerability Lets Attackers Bypass Login and Gain Higher Privileges
Microsoft disclosed a critical authentication bypass vulnerability in Azure Bastion, its managed remote access service, enabling attackers to escalate privileges to administrative levels with a single network request. The vulnerability, designated CVE-2025-49752, affects all Azure Bastion deployments and received an emergency security patch on November 20, 2025. Attribute Details CVE ID CVE-2025-49752 Vulnerability Type Authentication…
-
Windows 11 to Prevent BSOD Error Messages from Showing Publicly
Microsoft has announced a significant Windows 11 update that will prevent the Blue Screen of Death (BSOD) and other system error messages from appearing on public-facing screens. The new feature, called Digital Signage mode, addresses a critical business continuity challenge faced by restaurants, airports, retail stores, and other organizations that rely on public displays. Digital Signage…
-
Check Point and Microsoft Bring AI Security Directly into Microsoft Copilot
With this partnership, Check Point further expands its leading role in protecting AI-driven enterprises and sets an important milestone on the way to securing the entire AI lifecycle, from development to use in everyday work. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/check-point-und-microsoft-bringen-ki-sicherheit-direkt-in-microsoft-copilot/a42913/
-
Microsoft Admits: Core Windows 11 Functions Broken for Months
Since the July Patch Tuesday, some users have had problems with central Windows 11 functions such as the Start menu, the taskbar and Explorer. First seen on golem.de Jump to article: www.golem.de/news/microsoft-gesteht-kernfunktionen-von-windows-11-seit-monaten-kaputt-2511-202456.html
-
Sneaky2FA phishing tool adds ability to insert legit-looking URLs
A look at Sneaky2FA: Sneaky2FA operates through a full-featured bot on Telegram, says the report. Customers reportedly receive access to a licensed, obfuscated version of the source code and deploy it independently. This means they can customize it to their needs. On the other hand, the report notes, Sneaky2FA implementations can be reliably profiled and…
-
Morpheus on Microsoft: AI SOC Platform for MSSPs Managing Sentinel, Defender, Entra, and More
Morpheus automates Tier 1 and Tier 2 SOC work across Microsoft Sentinel, Defender, and Entra ID. Scale your MSSP, maintain SLA compliance and service quality. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/morpheus-on-microsoft-ai-soc-platform-for-mssps-managing-sentinel-defender-entra-and-more/
-
$5M Settlement in Geisinger Health, Nuance Insider Breach
Class Action Litigation and Criminal Case Focus on Actions of an Ex-Tech Worker. A federal court has granted preliminary approval of a $5 million settlement in class action litigation filed against Pennsylvania-based Geisinger Health and Nuance Communications – now part of Microsoft – involving a 2023 insider data breach affecting more than 1 million Geisinger…
-
CVE-2025-50165: Critical Flaw in Windows Graphics Component
Introduction: In May 2025, Zscaler ThreatLabz discovered CVE-2025-50165, a critical remote code execution (RCE) vulnerability with a CVSS score of 9.8 that impacts the Windows Graphics Component. The vulnerability lies within windowscodecs.dll, and any application that uses this library as a dependency is vulnerable to compromise, such as a Microsoft Office document. For example, attackers can exploit the…
-
Breach Roundup: Cloudflare Outage Root Cause
Also: Fortinet Flaws, Aisuru Botnet and Dutch Police Seize Bulletproof Host Servers. This week, the root cause of the Cloudflare outage, active exploitation of Fortinet flaws, Logitech disclosed a data breach, Microsoft headed off a record-breaking botnet attack, Dutch police seized bulletproof hosting servers and Princeton University disclosed a data breach after a phishing attack.…
-
Microsoft blanks out BSODs on public displays with new ‘Digital Signage mode’
Tags: microsoft
BORK is borked First seen on theregister.com Jump to article: www.theregister.com/2025/11/18/windows_bsod_digital_signage_mode/
-
Copilot: AI in Windows 11 Could Install Malware
AI agents are to be able to evaluate data and install apps in Windows 11. But Microsoft also warns of novel cyberattacks. First seen on golem.de Jump to article: www.golem.de/news/copilot-ki-in-windows-11-koennte-malware-installieren-2511-202423.html
-
Check Point Works with Microsoft to Deliver Enterprise-Grade AI Security for Copilot Studio
As AI reshapes enterprise workflows, Check Point is working with Microsoft to enable secure agent innovation built on real-time guardrails, DLP and threat prevention. The collaboration enables organizations to securely build and deploy generative AI agents, with continuous protection, compliance and governance integrated directly into developer workflows. The integration with Copilot Studio combines…
-
Attack Surface Management: A Buyer's Guide
Tags: ai, api, attack, business, cloud, crowdstrike, cyber, cyberattack, cybersecurity, data, detection, dns, framework, hacker, hacking, HIPAA, incident response, infrastructure, intelligence, Internet, microsoft, monitoring, network, open-source, PCI, penetration-testing, risk, service, soc, software, supply-chain, threat, tool, update, vulnerability
With these attack surface management tools, you ideally ensure that attackers never get to sink their teeth in in the first place. Regular network scans are no longer enough for a hardened attack surface. To ensure the security of company resources and customer data, continuous monitoring for new resources and configuration drift is required. Tools in the area of Cyber Asset Attack Surface Management (CAASM)…
-
Critics scoff after Microsoft warns AI feature can infect machines and pilfer data
Integration of Copilot Actions into Windows is off by default, but for how long? First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/11/critics-scoff-after-microsoft-warns-ai-feature-can-infect-machines-and-pilfer-data/
-
Microsoft Teams Adds Option to Report Misidentified Threat Messages
Microsoft Teams is rolling out a new feature that allows users to report messages incorrectly flagged as security threats. The capability, rolling out by the end of November 2025, targets organizations using Microsoft Defender for Office 365 Plan 2 or Microsoft Defender XDR to improve threat detection accuracy. The feature addresses a common security challenge: false…
-
Active Directory Trust Misclassification: Why Old Trusts Look Like Insecure External Trusts
Tenable Research reveals an Active Directory anomaly: intra-forest trusts created under Windows 2000 lack a key identifying flag, even after domain and forest upgrades. Learn how to find this legacy behavior persisting to this day, and use crossRef objects to correctly distinguish these trust types. Key takeaways: If your organization has an Active Directory environment…
-
Record-breaking DDoS attack against Microsoft Azure mitigated
The attack was linked to the Aisuru botnet, which targets compromised home routers and cameras. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/record-ddos-attack-microsoft-azure/805886/
-
AI Everywhere: Windows 11 Is Currently Making Itself Even More Unpopular Than Windows 8
Our view: Microsoft should first finish the other construction sites in Windows 11 before AI nonsense adds more. First seen on golem.de Jump to article: www.golem.de/news/ki-ueberall-windows-11-macht-sich-gerade-noch-unbeliebter-als-windows-8-2511-202366.html
-
Sophos Integrates Cyber Intelligence into Microsoft's Copilot
Sophos today announced the general availability of new integrations. These connect Sophos Intelix, a comprehensive repository of cyber threat intelligence, with Microsoft Security Copilot and Microsoft 365 Copilot. The integrations, presented at the Microsoft Ignite conference in San Francisco, enable organizations of any size to access Sophos threat intelligence in real time within Microsoft's AI-powered environments. The result is a strengthened…
-
Record-Breaking Cloud Incident Brings Outage Through the Internet
November 18, 2025 Cloudflare Global Outage (not a DDoS) The timing and Cloudflare’s brief initial misdiagnosis caused widespread confusion, with many people incorrectly believing Cloudflare had been DDoSed. Some reports even mentioned that the Cloudflare Incident was linked to an earlier DDoS incident towards Microsoft Azure. In reality, the two events were unrelated. October…The post…

