News

Latest news on the subject of B2B cyber security >>> PR agencies: Add us to your mailing list - see contact! >>> Book an exclusive PartnerChannel for your news!

Phishing: 200.000 emails imitating Microsoft, McAfee and Adobe
B2B Cyber ​​Security ShortNews

Security researchers have discovered 200.000 phishing emails that misused URL information to disguise phishing links. The scam was first observed on January 21, 2025, and is still ongoing, although the daily threat volume is decreasing. The cybercriminals behind this campaign aim to target as many organizations and individuals as possible. The hackers do not appear to be targeting specific industries, so a wide range of companies could be targeted by the attacks unless they have an advanced email security solution. Because the operational mechanisms of this campaign are quite sophisticated, most…

Read more

Since 2017: Zero-day exploits in Windows LNK files
Since 2017: Zero-day exploits in Windows LNK files Image: Bing - AI

The Zero Day Initiative (ZDI) has identified ZDI-CAN-25373, a Windows .lnk file vulnerability that has been abused by APT groups with zero-day exploits since 2017. The Zero Day Initiative's threat hunting team has identified nearly 1000 malicious .lnk files that abuse ZDI-CAN-25373, a vulnerability that allows attackers to execute hidden malicious commands on a victim's computer by using crafted shortcut files. The attacks use hidden command-line arguments in .lnk files to execute malicious zero-day exploits. This poses significant risks for organizations of data theft and...

Read more

Brand Phishing: Microsoft in first place

The trend toward brand phishing to steal personal credentials and information continues unabated. In the last quarter of 2024, the most frequently counterfeited brands came from the technology sector. There are also counterfeits of PayPal, Facebook, Nike, Adidas, and various luxury brands. Check Point Research (CPR) has published its current Brand Phishing Ranking for Q4 2024. In the fourth quarter, Microsoft remained the most frequently counterfeited brand with 32 percent. Apple maintained second place with 12 percent, while Google maintained its third place with 12 percent, but a slightly lower figure on the…

Read more

Microsoft Patchday: Over 1.000 security updates in February 2025  
B2B Cyber ​​Security ShortNews

From February 6th to 11th, Microsoft provided 1.212 notices and security updates for its services and systems on Patch Day. Among them are 55 critical vulnerabilities which, according to the description, allow code to be executed remotely. The list is very long and not easy to keep track of: Microsoft currently lists a total of 1.212 vulnerabilities in its security updates for February. Most of these are closed for individual devices through the automatic operating system update. However, system administrators should pay particular attention to the 55 critical vulnerabilities, 21 of which alone affect the security of Microsoft...

Read more

Self-service backup of OneDrive data
Self-service backup of OneDrive data

With the 365 Total Backup solution, end users can restore their mailbox and OneDrive data independently without IT training. Backup and restore is now also available for Microsoft OneNote. This allows users to back up their OneNote notebooks automatically and easily. Hornetsecurity, a world-leading cybersecurity expert, is introducing the updated version of its 365 Total Backup solution. This now has a self-service option for end users to back up and restore mailbox and OneDrive data. The new features are also available with the 365 Total Protection plans 3 and 4. End users can restore their own data independently Hornetsecurity has updated its…

Read more

Danger: Infection via Outlook without opening the file
B2B Cyber ​​Security ShortNews

The BSI also warns: Due to a critical vulnerability, it is possible that an email received via Outlook containing a dangerous OLE object is already executed with the preview. No user action is required. According to the BSI, no attacks have been observed yet. Microsoft sent out the updates on Patch Day because there is still a highly dangerous vulnerability in the Windows Remote System. As part of its monthly Patch Day, Microsoft published details of vulnerabilities that can be closed with security updates in January. The current issue also contains information on a...

Read more

Phishing-resistant authentication for Microsoft
Phishing-resistant authentication for Microsoft

A leading provider of security keys for hardware authentication has introduced a new phishing-resistant solution for Microsoft ecosystems that eliminates passwords, empowers corporate employees and improves cyber resilience. Yubico announced the availability of the Yubico Enrollment Suite for Microsoft users, including Yubico FIDO Pre-reg and the new YubiEnroll. These solutions integrate with Microsoft Entra ID and help organizations create stronger cyber resilience and further advance strategies with a zero-trust model. The Yubico Enrollment Suite enables companies to increase their security standards and increase their cyber resilience by using phishing-resistant multi-factor authentication…

Read more

600 million cyber attacks on Microsoft customers every day

Microsoft customers, for example, are attacked more than 600 million times every single day by cyber criminals and state hackers. The intensity of cyber attacks continues to increase. A study shows that Germany, for example, is only partially prepared to defend itself digitally. In order to reduce the very high number of cyber attacks, there must be an effective deterrent, which can be achieved in two ways: through effective defense against hacker attacks and also government action to consistently pursue malicious behavior and hold the actors accountable. At Microsoft, protecting customers and the digital…

Read more

Microsoft Remote Desktop Protocol with CVSS 8.1 vulnerability
B2B Cyber ​​Security ShortNews

Microsoft lists the highly dangerous vulnerability CVE-2024-43582, a security hole that allows remote code execution in the Remote Desktop Protocol Server. The CVSS score is 8.1. Microsoft states that exploitation would not be that easy - the Zero Day Initiative sees it differently. The Microsoft Security Response Center (MSRC) investigates all reports of security vulnerabilities affecting Microsoft products and services. In its current security update guide, a highly dangerous RDP (Microsoft Remote Desktop Protocol) vulnerability is listed with a CVSS score of 8.1 out of 10. Microsoft is more relaxed about the problem than ZDI This error allows a remote, non-...

Read more

Security services with support for Microsoft Entra ID

There is a new update to the HYCU R-Cloud data protection platform that brings far-reaching innovations. This offers customers additional protection for their identity and access management (IAM) solutions with support for Microsoft Entra ID. With the announcement, companies receive item-level backup and recovery for Microsoft's widely used IAM solution together with Okta and cloud security services. With the latest SaaS integration, the total number of supported applications and cloud services has increased to over 80, making HYCU the number one SaaS data protection platform for users of SaaS applications who need fast recovery,...

Read more