Rabia Noureen

Microsoft has discovered a new variant of XCSSET, a sophisticated macOS malware family that has targeted users since at least 2020. The company has observed that this malware is now deploying advanced tactics to specifically target Apple developers in ongoing attacks. The XCSSET malware was first spotted by security firm Trend Micro back in 2020….

Microsoft has released an update to fix a bug that caused “boot device inaccessible” errors on some Windows Server 2025 devices. This issue specifically affected servers using iSCSI (Internet Small Computer Systems Interface) technology. The iSCI protocol in Windows Server enables the connection of storage devices over an IP network. It operates at the block…

Microsoft is preparing to retire the event alerts feature in its Purview Audit solution. The company announced on the Microsoft 365 Admin Center that this change will take effect in March 2025. Microsoft Purview Audit is an auditing solution designed to support organizations in conducting forensic and compliance investigations. It provides high-bandwidth access to audit…

Microsoft has issued an alert about a sophisticated phishing campaign by Russian hackers, leveraging a deceptive device code authentication trick to hijack Microsoft 365 accounts. These cybercriminals gain unauthorized access to sensitive data across key government and business sectors worldwide. What is device code phishing? Device code phishing is a sophisticated phishing technique that leverages…

Microsoft released a major cumulative update for Windows 10 versions 22H2 and 21H2 this week. The KB5051974 update delivers important security fixes and automatically installs the new Outlook client on Windows 10 PCs. Microsoft announced the general availability of the new web-based Outlook for Windows app in August 2024. While Microsoft highlights its advantages, many…

Microsoft has introduced a new Unified Device Timeline experience in its SIEM + XDR solution. This new feature offers administrators a centralized hub to track device activity across Microsoft Sentinel and Defender XDR. “This feature streamlines security investigations by enabling analysts to access all relevant device activities in one place, reducing the need to switch…

Microsoft has introduced a new feature in the Outlook mobile app that allows users to minimize email drafts for seamless multitasking. This feature is currently available for beta testers in Outlook for Android and iOS. Currently, when users are composing an email in Outlook and need to check something else in the app (like another…

Microsoft has introduced several new features and enhancements to its Intune Suite. Launched in March 2023, Microsoft Intune Suite is a comprehensive solution that seamlessly integrates advanced endpoint management and security tools into a single, unified platform. Starting this month, organizations can use Security Copilot to enhance the security of their Endpoint Privilege Manager (EPM)…

Microsoft has released the February 2025 Patch Tuesday updates for Windows 11 and Windows 10. This month, there are 57 new patches to address vulnerabilities in Windows, Office, Azure, Visual Studio, and Remote Desktop Services. On the quality and experience front, Microsoft has released a couple of new features and improvements for Windows 11 versions…

Microsoft Teams has introduced a new Super Resolution feature that leverages AI to enhance the quality of video calls. This new capability is currently available in public preview for Snapdragon X-based Copilot PCs. Microsoft Teams may send lower-quality videos to maintain smooth meetings in poor network conditions. Traditionally, the app would attempt to improve these…

Microsoft has announced the release of the 2025 H2 Cumulative Update (CU15) for Exchange Server 2019. This is the final major update before this Exchange Server version reaches its end-of-support deadline in October 2025. Microsoft emphasized that CU15 includes new features, security enhancements, bug fixes, and all previous Security Updates (SUs). Previously, administrators had to…

Microsoft has disclosed that threat actors are exploiting publicly exposed ASP.NET machine keys to execute ViewState code injection attacks. The company warns that web developers are inadvertently putting their organizations at risk by using these keys from online repositories and documentation in their applications. In December, Microsoft first observed the attacks that involved an unknown…