Microsoft

Microsoft Names Suspects in Lawsuit Against AI Hackers

AI, Artificial Intelligence, deepfake, Featured, generative AI, lawsuit, Microsoft, Storm-2139 /

Microsoft Names Suspects in Lawsuit Against AI Hackers 2025-02-28 at 12:49 By Eduard Kovacs In a lawsuit targeting cybercriminals who abuse AI services, Microsoft has named individuals from Iran, the UK, China and Vietnam. The post Microsoft Names Suspects in Lawsuit Against AI Hackers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek […]

React to this headline:

Loading spinner

Microsoft Names Suspects in Lawsuit Against AI Hackers Read More »

What Microsoft’s Majorana 1 Chip Means for Quantum Decryption

Data Protection, Featured, Microsoft, quantum computing, Quantum cryptography, Quantum Decryption /

What Microsoft’s Majorana 1 Chip Means for Quantum Decryption 2025-02-24 at 21:20 By Kevin Townsend The question is whether Majorana 1 advances progress toward quantum computing – or for security professionals, the arrival of computers powerful enough to break PKE. The post What Microsoft’s Majorana 1 Chip Means for Quantum Decryption appeared first on SecurityWeek.

React to this headline:

Loading spinner

What Microsoft’s Majorana 1 Chip Means for Quantum Decryption Read More »

Massive botnet hits Microsoft 365 accounts

attacks, cybersecurity, Microsoft, Microsoft 365, News, passwords, SecurityScorecard /

Massive botnet hits Microsoft 365 accounts 2025-02-24 at 15:16 By Help Net Security A recently discovered botnet of over 130,000 compromised devices is launching coordinated password-spraying attacks against Microsoft 365 (M365) accounts. Security researchers at SecurityScorecard are examining possible connections to China-affiliated threat actors, citing evidence of infrastructure linked to CDS Global Cloud and UCLOUD

React to this headline:

Loading spinner

Massive botnet hits Microsoft 365 accounts Read More »

Microsoft Patches Exploited Power Pages Vulnerability

exploited, Featured, Microsoft, Power Pages, Vulnerabilities /

Microsoft Patches Exploited Power Pages Vulnerability 2025-02-20 at 12:49 By Eduard Kovacs Microsoft has patched CVE-2025-24989, a Power Pages privilege escalation vulnerability that has been exploited in attacks. The post Microsoft Patches Exploited Power Pages Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Microsoft Patches Exploited Power Pages Vulnerability Read More »

The XCSSET info-stealing malware is back, targeting macOS users and devs

Don't miss, Hot stuff, macOS, Malware, Microsoft, News, software development, Trend Micro, Xcode /

The XCSSET info-stealing malware is back, targeting macOS users and devs 2025-02-17 at 19:50 By Zeljka Zorz A new, improved variant of the XCSSET macOS malware has been spotted “in limited attacks” by Microsoft’s threat researchers. XCSSET macOS malware XCSSET in information-stealing and backdoor-injecting malware targeting Mac users. It’s usually distributed via infected Xcode projects

React to this headline:

Loading spinner

The XCSSET info-stealing malware is back, targeting macOS users and devs Read More »

Russian State Hackers Target Organizations With Device Code Phishing

device code phishing, Microsoft, Nation-State, phishing, Russia, Storm-2372 /

Russian State Hackers Target Organizations With Device Code Phishing 2025-02-17 at 14:49 By Ionut Arghire Russian hackers have been targeting government, defense, telecoms, and other organizations in a device code phishing campaign. The post Russian State Hackers Target Organizations With Device Code Phishing appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

Russian State Hackers Target Organizations With Device Code Phishing Read More »

Sandworm APT’s initial access subgroup hits organizations accross the globe

APT, Don't miss, energy sector, Hot stuff, Microsoft, News, Russian Federation, telecommunications /

Sandworm APT’s initial access subgroup hits organizations accross the globe 2025-02-13 at 15:34 By Zeljka Zorz A subgroup of Russia’s Sandworm APT has been working to achieve initial and persistent access to the IT networks of organizations working in economic sectors Russia is interested in. “In 2022, its primary focus was Ukraine, specifically targeting the

React to this headline:

Loading spinner

Sandworm APT’s initial access subgroup hits organizations accross the globe Read More »

Russian Seashell Blizzard Hackers Gain, Maintain Access to High-Value Targets: Microsoft

APT44, Microsoft, Nation-State, Russia, Sandworm, Seashell Blizzard /

Russian Seashell Blizzard Hackers Gain, Maintain Access to High-Value Targets: Microsoft 2025-02-12 at 19:10 By Ionut Arghire A subgroup of the Russia-linked Seashell Blizzard is tasked with broad initial access operations to sustain long-term persistence. The post Russian Seashell Blizzard Hackers Gain, Maintain Access to High-Value Targets: Microsoft appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Russian Seashell Blizzard Hackers Gain, Maintain Access to High-Value Targets: Microsoft Read More »

Microsoft fixes two actively exploited zero-days (CVE-2025-21418, CVE-2025-21391)

Action1, Don't miss, Hot stuff, Microsoft, News, Patch Tuesday, security update, Tenable, Trend Micro, Windows, Windows Server /

Microsoft fixes two actively exploited zero-days (CVE-2025-21418, CVE-2025-21391) 2025-02-11 at 22:21 By Zeljka Zorz February 2025 Patch Tuesday is here, and Microsoft has delivered fixes for 56 vulnerabilities, including two zero-days – CVE-2025-21418 and CVE-2025-21391 – under active exploitation. CVE-2025-21418 and CVE-2025-21391 CVE-2025-21418 is a vulnerability in the Windows Ancillary Function Driver (AFD.sys), which interfaces

React to this headline:

Loading spinner

Microsoft fixes two actively exploited zero-days (CVE-2025-21418, CVE-2025-21391) Read More »

Microsoft Patches ‘Wormable’ Windows Flaw and File-Deleting Zero-Day

CVE-2025-21391, CVE-2025-21418, Malware & Threats, Microsoft, Patch Tuesday, Vulnerabilities, Zero-Day /

Microsoft Patches ‘Wormable’ Windows Flaw and File-Deleting Zero-Day 2025-02-11 at 22:06 By Ryan Naraine The Microsoft Patch Tuesday machine hummed loudly this month urgent fixes for a pair of already-exploited Windows zero-days. The post Microsoft Patches ‘Wormable’ Windows Flaw and File-Deleting Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Microsoft Patches ‘Wormable’ Windows Flaw and File-Deleting Zero-Day Read More »

Microsoft Expands Copilot Bug Bounty Program, Increases Payouts

AI, Artificial Intelligence, bug bounty program, Copilot, Microsoft, Vulnerabilities /

Microsoft Expands Copilot Bug Bounty Program, Increases Payouts 2025-02-10 at 14:37 By Ionut Arghire Microsoft has added more Copilot consumer products to its bug bounty program and is offering higher rewards for medium-severity vulnerabilities. The post Microsoft Expands Copilot Bug Bounty Program, Increases Payouts appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Microsoft Expands Copilot Bug Bounty Program, Increases Payouts Read More »

Can AI Early Warning Systems Reboot the Threat Intel Industry?

APT, Artificial Intelligence, China, Google, Iran, Malware & Threats, Microsoft, North Korea, OpenAI, Threat Intelligence /

Can AI Early Warning Systems Reboot the Threat Intel Industry? 2025-02-10 at 13:02 By Ryan Naraine News analysis: The big AI platforms are emerging as frontline early warning systems, detecting nation-state hackers at the outset of their campaigns. Can this help save the threat intel industry? The post Can AI Early Warning Systems Reboot the

React to this headline:

Loading spinner

Can AI Early Warning Systems Reboot the Threat Intel Industry? Read More »

February 2025 Patch Tuesday forecast: New directions for AI development

Don't miss, Expert analysis, Expert corner, Hot stuff, Ivanti, Microsoft, News, Patch Tuesday, predictions /

February 2025 Patch Tuesday forecast: New directions for AI development 2025-02-10 at 08:02 By Help Net Security The new year has started with a whirlwind of activity, and one of the hottest topics in the news is the increasing emphasis on AI. DeepSeek ad Stargate DeepSeek took the world by storm as millions of copies

React to this headline:

Loading spinner

February 2025 Patch Tuesday forecast: New directions for AI development Read More »

Attackers compromise IIS servers by leveraging exposed ASP.NET machine keys

Don't miss, Hot stuff, IIS server, Malware, Microsoft, News, web application security, web shell /

Attackers compromise IIS servers by leveraging exposed ASP.NET machine keys 2025-02-07 at 14:22 By Zeljka Zorz A ViewState code injection attack spotted by Microsoft threat researchers in December 2024 could be easily replicated by other attackers, the company warned. “In the course of investigating, remediating, and building protections against this activity, we observed an insecure

React to this headline:

Loading spinner

Attackers compromise IIS servers by leveraging exposed ASP.NET machine keys Read More »

SonicWall SMA appliances exploited in zero-day attacks (CVE-2025-23006)

0-day, Don't miss, enterprise, Hot stuff, Microsoft, News, secure access, security update, SonicWall /

SonicWall SMA appliances exploited in zero-day attacks (CVE-2025-23006) 2025-01-23 at 11:03 By Zeljka Zorz A critical zero-day vulnerability (CVE-2025-23006) affecting SonicWall Secure Mobile Access (SMA) 1000 Series appliances is being exploited by attackers. “We strongly advises users of the SMA1000 product to upgrade to the hotfix release version to address the vulnerability,” the company said

React to this headline:

Loading spinner

SonicWall SMA appliances exploited in zero-day attacks (CVE-2025-23006) Read More »

New UEFI Secure Boot bypass vulnerability discovered (CVE-2024-7344)

CVE, Don't miss, ESET, Microsoft, News, research, vulnerability /

New UEFI Secure Boot bypass vulnerability discovered (CVE-2024-7344) 2025-01-16 at 12:03 By Help Net Security ESET researchers have identified a vulnerability (CVE-2024-7344) impacting most UEFI-based systems, which allows attackers to bypass UEFI Secure Boot. The issue was found in a UEFI application signed with Microsoft’s “Microsoft Corporation UEFI CA 2011” third-party certificate. Exploiting this vulnerability

React to this headline:

Loading spinner

New UEFI Secure Boot bypass vulnerability discovered (CVE-2024-7344) Read More »

Microsoft fixes actively exploited Windows Hyper-V zero-day flaws

0-day, Action1, Don't miss, Hot stuff, Immersive Labs, Microsoft, MS Office, News, Tenable, Trend Micro, Unpatched.ai, virtualization, vulnerability, Windows, Windows Server /

Microsoft fixes actively exploited Windows Hyper-V zero-day flaws 2025-01-14 at 23:03 By Zeljka Zorz Microsoft has marked January 2025 Patch Tuesday with a hefty load of patches: 157 CVE-numbered security issues have been fixed in various products, three of which (in Hyper-V) are being actively exploited. The exploited Hyper-V vulnerabilities The exploited zero-days are CVE-2025-21333

React to this headline:

Loading spinner

Microsoft fixes actively exploited Windows Hyper-V zero-day flaws Read More »

January 2025 Patch Tuesday forecast: Changes coming in cybersecurity guidance

Adobe, Don't miss, Expert analysis, Hot stuff, Ivanti, Microsoft, Mozilla, News, Patch Tuesday, Windows /

January 2025 Patch Tuesday forecast: Changes coming in cybersecurity guidance 2025-01-10 at 09:45 By Help Net Security Welcome to 2025 and a new year of patch excitement! In my December article, I talked about Microsoft’s Secure Future Initiative (SFI) and how it manifested in many of the Microsoft products released in 2024. While this security

React to this headline:

Loading spinner

January 2025 Patch Tuesday forecast: Changes coming in cybersecurity guidance Read More »

Scroll to Top