< ciso
brief />
Tag Banner

All news with #microsoft tag

836 articles · page 23 of 42

Microsoft Teams adds brand impersonation call warnings

🔔 Microsoft is introducing Brand Impersonation Protection for Teams Calling, rolling out to the targeted release ring in mid‑February and enabled by default. The feature inspects incoming VoIP calls from first‑time external contacts for signs of brand impersonation and displays high‑risk call warnings before suspicious calls are answered. Users can accept, block, or end flagged calls, and alerts may persist during a conversation if suspicious signals continue. IT teams are advised to update support materials and brief helpdesks ahead of the rollout.
read more →

Microsoft brings AI to Notepad and Paint on Windows

🧰 Microsoft is rolling out AI enhancements to Notepad and Paint for Windows 11 Insiders in the Canary and Dev channels. Notepad now streams AI-generated previews for Write, Rewrite, and Summarize and adds expanded Markdown formatting and a welcome screen to surface new features. Paint introduces an AI-powered Coloring Book for Copilot+ PCs and a fill tolerance slider for finer control. Both features require Microsoft account sign-in and can be disabled or uninstalled.
read more →

Attackers Exploit Microsoft Teams to Phish Users Worldwide

📧 Attackers abused Microsoft Teams functionality to distribute phishing content that appears to come from legitimate services. They created guest invitations and finance-themed team names that mimic billing and subscription notices, prompting recipients to contact a fraudulent support phone number. The campaign sent 12,866 phishing messages (about 990 per day) and targeted 6,135 users. Recipients were encouraged to call attackers posing as support to resolve fake payment issues.
read more →

Protecting Microsoft 365 Tenant Configurations Now

🔐 Microsoft 365 tenant configurations are the operational blueprint for services such as Entra, Intune, Exchange, Defender, Teams and SharePoint. The piece stresses that Microsoft does not provide backups for tenant-level settings under the shared responsibility model, so restoration is the customer's duty. Lost or altered policies — from conditional access and MFA rules to DLP and retention policies — can disrupt security, compliance and business continuity. Organizations should adopt intelligent configuration backup to maintain a Zero-Trust posture and ensure recoverability.
read more →

Resurgence of AiTM and BEC campaign abusing SharePoint

🔒 Microsoft Defender researchers uncovered a multi‑stage AiTM phishing and BEC campaign that abused SharePoint file‑sharing to deliver credential‑harvesting traps and maintain persistence by creating malicious inbox rules. Attackers used trusted vendor‑style lures and legitimate SharePoint redirects to capture session cookies or credentials, then expanded the campaign across energy sector organizations by sending more than 600 phishing messages from compromised accounts. Defender XDR and Office 365 detections exposed session cookie theft, replay attempts, and malicious inbox rules — remediation requires revoking session cookies, deleting attacker‑created inbox rules, and restoring MFA controls in addition to password resets.
read more →

Microsoft shares workaround for Outlook freezing issue

🔧 Microsoft provided a temporary workaround for users whose Outlook desktop client freezes after installing this month's Windows security updates. The bug affects POP accounts and configurations that store PST files on cloud-backed storage such as OneDrive or Dropbox, and has been reported on Windows 11 25H2 and 24H2, Windows 10, and multiple Windows Server releases. Microsoft recommends accessing mail via webmail, moving PST files out of OneDrive, or uninstalling the KB5074109/KB5073724 updates via Settings > Windows Update > Update history > Uninstall updates, while warning that removing security updates increases exposure to threats.
read more →

UK launches Report Fraud to replace Action Fraud service

🛡️Report Fraud has launched in the UK to replace the criticised Action Fraud service, providing a single, modern national reporting, triage and intelligence platform across England, Wales and Northern Ireland. The service incorporates real-time analytics powered by Palantir and Microsoft, an interactive portal for victims to track and update cases, proactive notifications, and instant intelligence sharing with police and businesses. A new National Crime Analysis Service (N-CAS) will underpin analytics, and a national "Every Report Counts" advertising campaign will promote the launch.
read more →

Four priorities for AI-powered identity and network access

🔐 Microsoft recommends four priorities for identity and network access in 2026: deploy fast, adaptive AI protection; manage and govern AI agents as first-class identities; unify identity and network controls into an Access Fabric; and strengthen identity foundations with phishing-resistant credentials and high-assurance recovery. The post cites Microsoft Entra capabilities and studies showing faster, more accurate admin workflows, and emphasizes applying Zero Trust to agents, networks, and devices.
read more →

Microsoft PowerToys Adds CursorWrap Mouse Teleport Tool

🖱️ Microsoft released PowerToys 0.97, introducing CursorWrap, a new mouse utility that 'teleports' the pointer to the opposite edge of active monitors to ease navigation across multi-monitor setups. The update also brings major improvements to the Command Palette quick launcher, adding built-in extensions to control other PowerToys, Peek file previews, a Personalization page, and a Remote Desktop extension. PowerToys is available via the Microsoft Store and GitHub.
read more →

Intune MAM update enforces latest SDKs or blocks apps

⚠️ Microsoft is enforcing new Intune MAM security requirements beginning January 19 (or shortly after), requiring updated iOS SDKs/wrappers and an updated Android Company Portal to keep apps running. Enterprises that don’t update wrapped or SDK-integrated apps — including Outlook and Teams — risk having those apps blocked from launching. Admins should rebuild or rewrap affected apps, push updates, enable conditional launch policies, and monitor App Protection Status to avoid user outages.
read more →

Microsoft releases OOB Windows fixes for Cloud PC issues

🔧 Microsoft has issued out-of-band Windows updates to address two issues introduced by the January 2026 security updates: credential prompt failures that can block Microsoft 365 Cloud PC and remote desktop sign-ins, and a shutdown/hibernate failure on Windows 11 23H2 when Secure Launch is enabled. The fix packages must be manually downloaded from the Microsoft Update Catalog, and administrators can deploy Known Issue Rollback (KIR) installers via Group Policy for enterprise-managed devices when immediate deployment is required.
read more →

Windows 11 January Update Causes Outlook Freezes for POP

⚠ Microsoft is investigating reports that the January Windows 11 security update KB5074109 causes the classic Outlook desktop client to freeze and hang for users with POP email accounts. Affected users say Outlook does not exit properly and will not restart after being closed, disrupting normal mail access. Microsoft’s Outlook and Windows teams are examining the issue but have not provided a timeline for a fix. As a temporary workaround, users can uninstall KB5074109 via Settings > Windows Update > Update history > Uninstall updates, though removing security updates can expose systems to additional risk.
read more →

Windows 11 23H2 Shutdown Issue After January Security Update

⚠️ Microsoft has confirmed that the January 13, 2026 cumulative update (KB5073455) can prevent some Windows 11, version 23H2 devices with System Guard Secure Launch enabled from shutting down or entering hibernation, causing them to restart instead. The issue is limited to Enterprise and IoT editions where the update is offered. Microsoft recommends the temporary workaround shutdown /s /t 0 for shutdowns and warns there is currently no hibernation workaround. Users should save work and perform manual shutdowns to avoid battery drain.
read more →

Microsoft's Copilot Studio VS Code Extension Public

🚀 Microsoft released the Copilot Studio extension for Visual Studio Code, enabling developers to build and manage Copilot Studio agents directly within the editor. The extension lets teams pull full agent definitions locally, edit components with IDE features like syntax highlighting and IntelliSense-style completion, and preview or compare changes against the cloud. It supports Git versioning, CI/CD integration, and works with AI coding assistants to speed development; the extension is free on the VS Code Marketplace and has been downloaded over 13,000 times.
read more →

Design an AI and Agent Strategy with Microsoft Marketplace

🧭 Microsoft Marketplace positions itself as the central catalog for organizations choosing how to adopt AI—whether to build, buy, or blend solutions. It hosts more than 11,000 prepackaged models and over 4,000 AI apps and agents, accessible via the storefront, Azure portal, and Microsoft Foundry. The platform supports both pro-code and low-code development workflows, including Copilot Studio, and emphasizes integration, governance, and faster time-to-value for enterprise deployments.
read more →

Reprompt attack: single-click data exfiltration from Copilot

🔒 Cybersecurity researchers disclosed a novel method called Reprompt that can enable single-click data exfiltration from AI chatbots, notably Microsoft Copilot, while bypassing typical enterprise controls. The technique exploits the Copilot q URL parameter to inject instructions from a link, then uses repeated requests and a remote attacker server to continue covert fetching and return of sensitive data with no further user interaction. Microsoft says it addressed the issue and that Microsoft 365 Copilot enterprise customers are not affected, but researchers warn the approach turns Copilot into an invisible exfiltration channel.
read more →

Microsoft Tops Brands Imitated in Q4 2025 Phishing

🔒 In Q4 2025, Check Point Research found Microsoft to be the most impersonated brand in phishing campaigns, responsible for 22% of branded phishing attempts. Google followed with 13%, while Amazon rose to 9%, driven by Black Friday and holiday sales, displacing Apple. After a lengthy absence, Facebook (Meta) reappeared in the top ten at fifth, underscoring renewed interest in social media account takeover. The pattern reflects a multi-quarter trend of attackers abusing trusted enterprise and consumer brands to harvest credentials and gain initial access.
read more →

International Takedown of RedVDS Cybercrime Service

🛡️ International law enforcement, together with Microsoft, dismantled the RedVDS cybercrime service after seizing servers hosted in Germany. Authorities from Germany, the United States and the United Kingdom, confirmed by the ZIT and the State Criminal Police Office of Brandenburg, say the platform enabled large-scale phishing and boss‑scam frauds. Microsoft reports $40 million in US losses over seven months and highlights prolific phishing volumes from rented virtual machines. No arrests have been reported; suspects are believed to be located in an unspecified Middle Eastern country.
read more →

Microsoft Seizes Servers, Disrupts RedVDS Cyberplatform

🔒 Microsoft says it disrupted RedVDS, a cybercrime-as-a-service platform tied to at least $40 million in U.S. losses since March 2025. The company filed civil lawsuits in the U.S. and U.K., and — working with Europol and German authorities — seized servers, took the marketplace and customer portal offline, and removed malicious infrastructure. RedVDS rented disposable Windows cloud servers worldwide to enable large-scale phishing, BEC, credential theft and AI‑enhanced impersonation campaigns.
read more →

Microsoft Named Leader in IDC AI Governance Report

🔒 Microsoft was named a Leader in the 2025–2026 IDC MarketScape for Worldwide Unified AI Governance Platforms, recognizing its integrated approach to governing generative, agentic, and traditional ML across hybrid and multicloud environments. The company emphasizes centralized control, observability, and automated compliance through Microsoft Foundry, Agent 365, Purview, Entra, and Defender. Backed by the Responsible AI standard and an Office of Responsible AI, Microsoft highlights built-in transparency, fairness, explainability, and real-time security protections for regulated enterprises.
read more →