ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
39M secrets exposed: GitHub rolls out new security tools
<html><body><p>39 Million Secrets Leaked on GitHub in 2024 GitHub found 39M secrets leaked in 2024 and launched new tools to help developers and organizations secure sensitive data in code. Microsoft-owned code hosting p
Microsoft starts testing Windows 11 taskbar icon scaling
<html><body><p>Microsoft is testing a new taskbar icon scaling feature that automatically scales down Windows taskbar icons to show more apps when it gets too overcrowded. [...]</p></body></html>
Threat actors leverage tax season to deploy tax-themed phishing campaigns
<html><body><p>As Tax Day approaches in the United States on April 15, Microsoft has detected several tax-themed phishing campaigns employing various tactics. These campaigns use malicious hyperlinks and attachments to d
“Urgent reminder” tax scam wants to phish your Microsoft credentials
<html><body><p>With tax season in full swing, we're seeing scammers flexing their social engineering muscles. Be prepared.</p></body></html>
Transforming public sector security operations in the AI era
<html><body><p>Read how Microsoft’s unified security operations platform can use generative AI to transform cybersecurity for the public sector. </p> <p>The post <a href="https://www.microsoft.com/en-us/security/blog/202
Analyzing open-source bootloaders: Finding vulnerabilities faster with AI
<html><body><p>Using Microsoft Security Copilot to expedite the discovery process, Microsoft has uncovered several vulnerabilities in multiple open-source bootloaders impacting all operating systems relying on Unified Ex
New innovations in Microsoft Purview for protected, AI-ready data
<html><body><p>Microsoft Purview delivers a comprehensive set of solutions that help customers seamlessly secure and confidently activate data in the era of AI.</p> <p>The post <a href="https://www.microsoft.com/en-us/se
US Department of Labor’s journey to Zero Trust security with Microsoft Entra ID
<html><body><p>Discover how the US Department of Labor enhanced security and modernized authentication with Microsoft Entra ID and phishing-resistant authentication. </p> <p>The post <a href="https://www.microsoft.com/en
Microsoft unveils Microsoft Security Copilot agents and new protections for AI
<html><body><p>Learn about the upcoming availability of Microsoft Security Copilot agents and other new offerings for a more secure AI future.</p> <p>The post <a href="https://www.microsoft.com/en-us/security/blog/2025/0
StilachiRAT analysis: From system reconnaissance to cryptocurrency theft
<html><body><p>Microsoft Incident Response uncovered a novel remote access trojan (RAT) named StilachiRAT, which demonstrates sophisticated techniques to evade detection, persist in the target environment, and exfiltrat
ClickFix: How to Infect Your PC in Three Easy Steps
<html><body><p>A clever malware deployment scheme first spotted in targeted attacks last year has now gone mainstream. In this scam, dubbed "ClickFix," the visitor to a hacked or malicious website is asked to distinguish
How MSRC coordinates vulnerability research and disclosure while building community
<html><body><p>Learn about the Microsoft Security Response Center, which investigates vulnerabilities and releases security updates to help protect customers from cyberthreats.</p> <p>The post <a href="https://www.micros
Phishing campaign impersonates Booking .com, delivers a suite of credential-stealing malware
<html><body><p>Starting in December 2024, leading up to some of the busiest travel days, Microsoft Threat Intelligence identified a phishing campaign that impersonates online travel agency Booking.com and targets organiz
Microsoft: 6 Zero-Days in March 2025 Patch Tuesday
<html><body><p>Microsoft today issued more than 50 security updates for its various Windows operating systems, including fixes for a whopping six zero-day vulnerabilities that are already seeing active exploitation.</p><
So gefährlich ist die Sicherheitslücke im Microsoft Configuration Manager
Zwei Jahre nach Bekanntwerden der Sicherheitslücke CVE-2024-43468 im Microsoft Configuration Manager, wird diese aktiv für Cyberangriffe ausgenutzt. Der Patch-Prozess galt damals als sehr komplex.
Massive Phishing-Kampagne nutzt Microsoft Sway aus: QR-Codes im Visier
<html><body><p>Eine groß angelegte Phishing-Kampagne missbraucht Microsoft Sway, ein cloudbasiertes Tool zur Erstellung von Online-Präsentationen, um Microsoft 365-Nutzer dazu zu bringen, ihre Zugangsdaten preiszugeben.
Kritische RCE-Schwachstelle in Microsoft Edge ermöglicht Remote-Systemübernahme
<html><body><p>Eine schwerwiegende Schwachstelle zur Remote-Code-Ausführung (RCE) wurde in Microsoft Edge entdeckt. Diese Schwachstelle könnte Angreifern ermöglichen, die Kontrolle über betroffene Systeme zu übernehmen,
Kritische Sicherheitslücke in Outlook: Technische Details zur Zero-Click-RCE-Verwundbarkeit veröffentlicht
<html><body><p>Forscher von Morphisec haben detaillierte technische Informationen über eine kürzlich entdeckte Zero-Click-Sicherheitslücke in Microsoft Outlook veröffentlicht, die als CVE-2024-38021 identifiziert wurde.
ClickFix-Angriffsvariante ConsentFix: So tricksen Hacker Microsoft-Konten aus
Durch diesen Trick erhalten die Angreifer den OAuth-Schlüssel und können eine Verbindung zwischen ihrem eigenen System und dem Microsoft-Konto des Opfers herstellen – ohne Passwortdiebstahl oder Umgehung der Multi-Faktor
Sophos integriert „Intelix“ in Microsoft Security Copilot und Microsoft 365 Copilot
Durch die Integration von Sophos Intelix in Microsoft Copilot stellt Sophos seine Bedrohungsdaten universell bereit – damit Unternehmen Bedrohungen schneller analysieren, schneller reagieren und ihre Sicherheitslage insg