[remote] Microsoft - NTLMv2 Hash Capture
Microsoft - NTLMv2 Hash Capture
Microsoft
20 articles
Resecurity Supports Microsoft DCU in Disrupting Fox Tempest ’s Cybercriminal Code-Signing Ecosystem
Microsoft and Resecurity disrupted Fox Tempest, a malware-signing service that used fake Microsoft certificates to make malware look legitimate. Resecurity s...
The Gentlemen ransomware: Dissecting a self-propagating Go encryptor
Microsoft Threat Intelligence presents a comprehensive analysis of The Gentlemen, a Go-based ransomware deployed by affiliates of Storm-2697 that combines pe...
Microsoft Slams Public Zero-Day Disclosures Amid GitHub Researcher Account Removal
Microsoft has come out strongly in favor of Coordinated Vulnerability Disclosure (CVD), urging the research community to share their findings and give affect...
Microsoft’s Copilot trust test: zero findings, more models, wider oversight
Microsoft 365 Copilot and Copilot Chat (Copilot) have been recertified under ISO/IEC 42001:2023 by an independent auditor for the second consecutive year. Co...
ThreatsDay Bulletin: Claude Security Plugin, Azure Priv-Esc, Kali365 MFA Bypass, FIFA Scams +15 More
Every time you think the industry has finally stopped doing some reckless, low-effort crap, somebody spins up a fresh box full of sketchy loaders, fake insta...
U.S. CISA adds Daemon Tools, TanStack, and Nx Console flaws to its Known Exploited Vulnerabilities catalog
U.S.
Microsoft Condemns "Uncoordinated" Zero Day Disclosures
Microsoft warned the disclosure of several unpatched vulnerabilities without notice has put “customers at unnecessary risk”
Microsoft’s new cloud PCs place AI agents under enterprise controls
Microsoft’s Windows 365 for Agents, a cloud PC platform for agentic workloads, runs AI agents in secure environments. Organizations can direct agents with na...
Microsoft Warns Against Public Release of Zero-Day Details Before Vendor Coordination
Microsoft has issued a strong warning to the cybersecurity community following a recent surge in publicly disclosed zero-day vulnerabilities without prior co...
XM Cyber expands platform to enforce least-privilege access
XM Cyber Inc. announced an expansion of its platform with new capabilities designed to help enterprises enforce least-privilege access across Active Director...
Reconstructing an Akira Ransomware Kill Chain from Perimeter and Endpoint Logs, (Wed, May 27th)
Most Akira write-ups focus on the ransom note or the encryption routine. By the time those show up the interesting forensic work is over.
AI chatbot recommendations lure users to cryptojacking malware sites
Cybercriminals are using AI chatbot interactions alongside poisoned search results to direct users to malicious download sites in an active cryptojacking cam...
Grandoreiro Malware and BTMOB RAT Campaigns Target Windows and Android Users
Latin America and Europe become the target of two banking trojan campaigns that are designed to infect Windows and Android devices with Grandoreiro and BTMOB...
Google AI Threat Defense targets attackers using AI to find flaws faster
Google Cloud introduced AI Threat Defense, an automated cybersecurity platform that combines several of the company’s security assets to find, prioritize, an...
Windows Kernel Vulnerability Lets Attackers Modify Kernel Memory Counters
A critical Windows kernel vulnerability, CVE-2026-40369, allows any unprivileged process, including a browser renderer sandbox, to increment arbitrary kernel...
Windows 11 KB5089573 update released with performance improvements
Microsoft has released the KB5089573 preview cumulative update for Windows 11 versions 25H2 and 24H2, which comes with 30 changes, including performance and ...
AI Chatbot Recommendations Redirect Users to Cryptojacking Malware Sites
Microsoft has warned of an active cryptojacking campaign that makes use of artificial intelligence (AI) chatbot interactions as a mechanism for surfacing mal...
Microsoft SharePoint Has a New RCE Flaw. If You Haven’t Patched Yet, Go Do That.
A critical vulnerability, tracked as CVE-2026-45659, in Microsoft SharePoint can allow attackers to achieve remote code execution with little effort. Microso...
Microsoft SharePoint Server Flaw Enables Remote Code Execution Attacks
Microsoft has disclosed a critical security vulnerability in SharePoint Server that could allow attackers to execute arbitrary code remotely, raising signifi...