Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202
This alert confirms active exploitation beyond patch availability, indicating real-world attacks targeting Windows systems, likely including credential theft via NTLM relay.
Comparison of April 28, 2026 with the previous day, April 27, 2026.
Describes a new ransomware variant that can accidentally act as a wiper, posing a dual threat of data encryption and destruction.
The vulnerability in Entra ID could allow attackers to compromise multiple Microsoft services, posing a severe risk to the company's entire Microsoft 365 and Azure AD environment.
This alert confirms a critical-risk vulnerability in Entra ID has been patched, but provides no details on active exploitation or specific attack campaigns.
This alert describes an active ransomware campaign that irreversibly destroys files over 131KB, posing a severe data loss risk beyond typical encryption.
This alert describes a newly discovered privilege escalation path via the Agent ID Administrator role in Entra ID, which could allow attackers to take over service principals, going beyond a simple patch reminder.
No changes in this category.
No changes in this category.
Describes an active campaign using help desk impersonation via Teams to deploy SNOW malware, with detailed TTPs including LSASS extraction, Pass-The-Hash, and lateral movement to domain controllers.
Microsoft is rolling out passkey support for Entra ID on Windows, enhancing phishing resistance for the company's authentication infrastructure.
Describes a new privilege escalation technique in Windows RPC that could allow attackers to gain SYSTEM privileges on fully patched systems, increasing risk of lateral movement and domain compromise.
This alert describes a novel social engineering technique using Microsoft Teams to bypass MFA and gain initial access, which is directly applicable to the company's tech stack.