Cloud Security
Microsoft reveals how a crash dump from 2021 inadvertently exposed a key that Chinese cyberspies later leveraged to hack US government emails.
Hi, what are you looking for?
SecurityWeek
All posts tagged "Microsoft"
Artificial Intelligence
ChatGPT Enterprise is a corporate edition of ChatGPT that promises “enterprise-grade security” and a commitment not to use prompts and company data to train...
Endpoint Security
NEWS ANALYSIS: Redmond plants its feet firmly in the enterprise browser space, sending major ripples through Silicon Valley's bustling venture-backed startup ecosystem.
ICS/OT
Over a dozen Codesys vulnerabilities discovered by Microsoft researchers can be exploited to shut down industrial processes or deploy backdoors.
Vulnerabilities
CISA has added CVE-2023-38180, a zero-day vulnerability affecting .NET and Visual Studio, to its Known Exploited Vulnerabilities Catalog.
Vulnerabilities
For the fourth consecutive year, Microsoft has paid out more than $13 million through its bug bounty programs.
Cyberwarfare
Patch Tuesday: A month after confirming active exploitation of Office code execution flaws, Microsoft has shipped patches for multiple affected products.
Management & Strategy
A critical Microsoft Power Platform vulnerability exposed authentication data and other secrets, but the tech giant has been accused of handling it poorly.
Vulnerabilities
Fortinet has published details on a series of critical- and high-severity vulnerabilities in the Microsoft Message Queuing service.
Cloud Security
Cloud security researcher warns that stolen Microsoft signing key was more powerful and not limited to Outlook.com and Exchange Online.
Cloud Security
Facing intense pressure after Chinese APT hack, Microsoft plans to expand logging defaults for lower-tier M365 customers.
Cloud Security
Businesses using ‘Log in with Microsoft’ could be exposed to privilege escalation and full account takeover exploits.
Cybercrime
Early June 2023 disruptions to Microsoft’s flagship office suite were Layer 7 DDoS attacks by a shadowy new hacktivist group dubbed Storm-1359 by Microsoft.
Network Security
Patch Tuesday: Microsoft ships updates to over at least 70 documented vulnerabilities affecting the Windows ecosystem.
Ransomware
A SaaS ransomware attack against a company’s Sharepoint Online was done without using a compromised endpoint.
Vulnerabilities
Microsoft has rolled out patches for a vulnerability allowing attackers to bypass mitigations for a critical Outlook zero-day leading to credentials theft.
Artificial Intelligence
Microsoft expanded public access to its generative artificial intelligence programs, despite fears that tech firms are rushing ahead too quickly with potentially dangerous technology.
Nation-State
Microsoft blames a “Russian-based threat actor” for in-the-wild attacks hitting its flagship Microsoft Outlook and has released a detection script to help defenders.
Vulnerabilities
Patch Tuesday: Microsoft warns vulnerability (CVE-2023-23397) could lead to exploitation before an email is viewed in the Preview Pane.
Vulnerabilities
Microsoft’s Patch Tuesday machine is humming loudly with software updates to fix at least 76 vulnerabilities in Windows and OS components.
Vulnerabilities
WhatsApp told SecurityWeek that it linked the exploited FreeType vulnerability CVE-2025-27363 to a Paragon exploit.
Data Protection
Data Breaches
Artificial Intelligence
Network Security
Malware & Threats
Vulnerabilities
Malware & Threats
