Tag: microsoft
-
Windows Server Update Service (WSUS) Remote Code Execution Vulnerability (CVE-2025-59287) Notice
Overview Recently, NSFOCUS CERT detected that Microsoft released a security update that fixed the Windows Server Update Service (WSUS) remote code execution vulnerability (CVE-2025-59287); Because WSUS’s GetCookie does not perform type verification when processing objects, an unauthenticated attacker can achieve remote code execution by deserializing malicious data to control the target server. The CVSS score…The…
-
Windows Server Update Service (WSUS) Remote Code Execution Vulnerability (CVE-2025-59287) Notice
Overview Recently, NSFOCUS CERT detected that Microsoft released a security update that fixed the Windows Server Update Service (WSUS) remote code execution vulnerability (CVE-2025-59287); Because WSUS’s GetCookie does not perform type verification when processing objects, an unauthenticated attacker can achieve remote code execution by deserializing malicious data to control the target server. The CVSS score…The…
-
CAASM and EASM: Top 12 attack surface discovery and management tools
Tags: access, ai, api, attack, automation, blockchain, business, cloud, control, corporate, credentials, cyber, cybersecurity, dark-web, data, data-breach, detection, dns, endpoint, exploit, framework, guide, hacking, HIPAA, incident response, infrastructure, intelligence, Internet, leak, marketplace, microsoft, monitoring, network, open-source, PCI, risk, risk-assessment, service, soc, software, supply-chain, technology, threat, tool, update, vulnerabilityCAASM and EASM tools for attack surface discovery and management: Periodic scans of the network are no longer sufficient for maintaining a hardened attack surface. Continuous monitoring for new assets and configuration drift are critical to ensure the security of corporate resources and customer data.New assets need to be identified and incorporated into the monitoring…
-
Ransomware Attacks Escalate in APAC Targeting VPN Flaws, Microsoft 365 Logins, Python Scripts
The Asia-Pacific (APAC) region is seeing a rapid surge in number of cyberattacks aimed at its enterprises’, a new report suggests. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/ransomware-targets-apac-region/
-
Nach Update: Nervige Anmeldeprobleme unter Windows 11
Auch Windows Server 2025 ist betroffen. Ein Patch ist nicht zu erwarten. Microsoft sieht Admins in der Pflicht, ihre Systeme richtig zu klonen. First seen on golem.de Jump to article: www.golem.de/news/nach-update-nervige-anmeldeprobleme-unter-windows-11-2510-201407.html
-
Microsoft behebt Sicherheitslücke mit höchstem Gefahren-Score aller Zeiten
First seen on t3n.de Jump to article: t3n.de/news/microsoft-behebt-sicherheitsluecke-mit-hoechstem-gefahren-score-aller-zeiten-1713086/
-
AWS Outage: Lessons Learned
What can we learn from the recent AWS outage, and how can we apply those lessons to our own infrastructure? What Happened? On October 20, 2025, AWS experienced a major disruption that rippled across the internet (and social media), affecting widely used services such as Zoom, Microsoft Teams, Slack, and Atlassian. The issue originated not…
-
AWS Outage: Lessons Learned
What can we learn from the recent AWS outage, and how can we apply those lessons to our own infrastructure? What Happened? On October 20, 2025, AWS experienced a major disruption that rippled across the internet (and social media), affecting widely used services such as Zoom, Microsoft Teams, Slack, and Atlassian. The issue originated not…
-
The Many Shapes of Identity: Inside IAM 360, Issue 3
Tags: access, ai, business, cloud, communications, compliance, container, cybersecurity, data, deep-fake, encryption, guide, iam, identity, infrastructure, intelligence, microsoft, passkey, password, risk, software, strategy, technology, threatThe Many Shapes of Identity: Inside IAM 360, Issue 3 josh.pearson@t“¦ Tue, 10/21/2025 – 17:27 The new issue of IAM 360 is here! In this issue, we take on a theme that shows how identity never stands still, reshaping how we live and work as it evolves. We call it Form Factor. Why Form Factor?…
-
CISA Flags Highly Exploitable Windows SMB Flaw
Tags: attack, cisa, cybersecurity, exploit, flaw, infrastructure, microsoft, mitigation, network, ntlm, windowsNTLM Reflection Attack Strikes Again. A three-month old flaw in a network protocol for file sharing used by Microsoft is under active exploitation, warns the U.S. Cybersecurity and Infrastructure Security Agency. The flaw’s exploitation bypasses mitigations Microsoft has built over the years to prevent NTLM reflection attacks. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/cisa-flags-highly-exploitable-windows-smb-flaw-a-29778
-
Recent Windows updates cause login issues on some PCs
Microsoft has confirmed that Windows updates released since August 29, 2025, are breaking authentication on systems sharing Security Identifiers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-recent-windows-updates-cause-login-issues-on-pcs-sharing-security-ids/
-
MIND upgrades endpoint DLP (and more!)
Tags: ai, automation, business, cloud, compliance, control, credentials, data, endpoint, google, healthcare, identity, leak, microsoft, okta, phone, risk, service, threatMIND Flight 1021 with service to Stress-Free DLP is now boarding. All ticketed and confirmed passengers should make their way to the boarding gate at this time. The airport hums with noise. Rolling suitcases bump over tile floors, boarding announcements echo through speakers and the line at TSA snakes endlessly ahead. You shift your weight…
-
CISA warns of Windows SMB flaw under active exploitation (CVE-2025-33073)
CVE-2025-33073, a Windows SMB Client vulnerability that Microsoft fixed in June 2025, is being exploited by attackers. The confirmation comes from the Cybersecurity and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/21/cisa-warns-of-windows-smb-flaw-under-active-exploitation-cve-2025-33073/
-
Microsoft 365 Copilot Flaw Lets Hackers Steal Sensitive Data via Indirect Prompt Injection
A vulnerability in Microsoft 365 Copilot allowed attackers to trick the AI assistant into fetching and exfiltrating sensitive tenant data by hiding instructions in a document. The AI then encoded the data into a malicious Mermaid diagram that, when clicked, sent the stolen information to an attacker’s server. When Microsoft 365 Copilot was asked to…
-
Microsoft 365 Copilot Flaw Lets Hackers Steal Sensitive Data via Indirect Prompt Injection
A vulnerability in Microsoft 365 Copilot allowed attackers to trick the AI assistant into fetching and exfiltrating sensitive tenant data by hiding instructions in a document. The AI then encoded the data into a malicious Mermaid diagram that, when clicked, sent the stolen information to an attacker’s server. When Microsoft 365 Copilot was asked to…
-
From Reactive to Proactive: A New Jersey School District’s Google Microsoft Security Transformation
How Monmouth Regional High School District’s Tech Team Improved Cybersecurity and Student Safety Using Cloud Monitor At Monmouth Regional High School District in Eatontown, New Jersey, technology touches nearly every part of daily school life. The district serves about 945 students and 250 faculty and staff, all supported by a small but mighty IT team…
-
Security patch or self-inflicted DDoS? Microsoft update knocks out key enterprise functions
Tags: api, authentication, banking, control, cryptography, ddos, defense, flaw, government, microsoft, network, tool, update, windowsMalfunctioning devices, failed connections, and installation errors: Update KB5066835 can also cause USB devices, including keyboards and mice, to malfunction in WinRE, preventing navigation in recovery mode. However, the keyboard and mouse do continue to work normally within the Windows OS. Microsoft has now released an out-of-band update, KB5070773, to address the issue.Additionally, the security…
-
Microsoft fixes bug preventing users from opening classic Outlook
Microsoft has fixed a major bug preventing Microsoft 365 users from launching the classic Outlook email client on Windows systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-fixes-bug-preventing-users-from-opening-classic-outlook/
-
Decoding Microsoft 365 Audit Logs Using Bitfield Mapping: An Investigation Report
Understanding exactly how users authenticate to cloud services is crucial for effective security monitoring. A recently refined bitfield mapping technique decodes the opaque UserAuthenticationMethod values in Microsoft 365 audit logs, transforming numeric codes into actionable, human-readable descriptions. This breakthrough empowers incident responders to identify primary authentication methods even when only Microsoft 365 audit logs are…
-
Via Microsoft Sharepoint: Cyberangriff trifft US-Atomwaffenhersteller
Hacker haben einen Hersteller wichtiger Atomwaffenkomponenten der USA attackiert. Einstiegspunkt waren Sicherheitslücken in Microsoft Sharepoint. First seen on golem.de Jump to article: www.golem.de/news/via-microsoft-sharepoint-cyberangriff-trifft-us-atomwaffenhersteller-2510-201379.html
-
CISOs’ security priorities reveal an augmented cyber agenda
Tags: access, ai, attack, authentication, automation, awareness, business, cio, ciso, cyber, cybersecurity, data, deep-fake, detection, edr, email, framework, governance, healthcare, incident response, intelligence, malware, microsoft, mssp, phishing, ransomware, risk, service, siem, soc, software, tactics, technology, threat, tool, training, usa, vulnerability, vulnerability-management, zero-trustCSOConsequently, 41% are planning to leverage AI to detect threats, for anomaly detection, and to automate security responses. Other respondents cited plans to leverage AI for malware detection and real-time risk prediction (39%), as well as DLP and improving enterprise system visibility.Further, 40% expect to see AI enhancements as part of their existing security systems,…
-
CISOs’ security priorities reveal an augmented cyber agenda
Tags: access, ai, attack, authentication, automation, awareness, business, cio, ciso, cyber, cybersecurity, data, deep-fake, detection, edr, email, framework, governance, healthcare, incident response, intelligence, malware, microsoft, mssp, phishing, ransomware, risk, service, siem, soc, software, tactics, technology, threat, tool, training, usa, vulnerability, vulnerability-management, zero-trustCSOConsequently, 41% are planning to leverage AI to detect threats, for anomaly detection, and to automate security responses. Other respondents cited plans to leverage AI for malware detection and real-time risk prediction (39%), as well as DLP and improving enterprise system visibility.Further, 40% expect to see AI enhancements as part of their existing security systems,…
-
Reducing abuse of Microsoft 365 Exchange Online’s Direct Send
Cisco Talos has observed increased activity by malicious actors leveraging Direct Send as part of phishing campaigns. Here’s how to strengthen your defenses. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/reducing-abuse-of-microsoft-365-exchange-onlines-direct-send/
-
Reducing abuse of Microsoft 365 Exchange Online’s Direct Send
Cisco Talos has observed increased activity by malicious actors leveraging Direct Send as part of phishing campaigns. Here’s how to strengthen your defenses. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/reducing-abuse-of-microsoft-365-exchange-onlines-direct-send/
-
Reducing abuse of Microsoft 365 Exchange Online’s Direct Send
Cisco Talos has observed increased activity by malicious actors leveraging Direct Send as part of phishing campaigns. Here’s how to strengthen your defenses. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/reducing-abuse-of-microsoft-365-exchange-onlines-direct-send/
-
Windows 11 KB5070773 emergency update fixes Windows Recovery issues
Microsoft has released an emergency update to fix the Windows Recovery Environment (WinRE), which became unusable on systems with USB mice and keyboards after installing the October 2025 security updates. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-fixes-usb-issue-that-made-windows-recovery-unusable/
-
CISA Warns of Actively Exploited Windows SMB Vulnerability
Tags: cisa, cve, cyber, cybersecurity, exploit, flaw, infrastructure, kev, microsoft, threat, vulnerability, windowsThe Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Microsoft Windows Server Message Block (SMB) vulnerability to its Known Exploited Vulnerabilities catalog, warning that threat actors are actively exploiting the security flaw in the wild. The vulnerability, tracked as CVE-2025-33073, affects the Windows SMB Client and could allow attackers to escalate privileges on…
-
CISA Warns of Actively Exploited Windows SMB Vulnerability
Tags: cisa, cve, cyber, cybersecurity, exploit, flaw, infrastructure, kev, microsoft, threat, vulnerability, windowsThe Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Microsoft Windows Server Message Block (SMB) vulnerability to its Known Exploited Vulnerabilities catalog, warning that threat actors are actively exploiting the security flaw in the wild. The vulnerability, tracked as CVE-2025-33073, affects the Windows SMB Client and could allow attackers to escalate privileges on…
-
Channel-Partner aufgepasst: Microsoft-Tools und Know-how praxisnah erleben
Die ADN Microsoft CSP Week ist zurück und bringt vom 24. bis 28. November 2025 eine außergewöhnliche Reihe an Top-Speakern und Branchenexpert:innen auf die virtuelle Bühne. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/channel-partner-aufgepasst-microsoft-tools-und-know-how-praxisnah-erleben/a42420/
-
October updates break USB input in Windows Recovery
Microsoft has confirmed that this month’s security updates disable USB mice and keyboards in the Windows Recovery Environment (WinRE), making it unusable. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-october-updates-break-usb-mice-and-keyboards-in-windows-recovery/