Siem
The latest Siem coverage — news, analysis, and updates from the WindowsNews.AI desk.
Ireckonu CEO: Hotels Pasting Guest Data into Public AI Chatbots Risk GDPR Fines and Broken Trust
Hotel staff are casually copying guest names, preferences, and booking histories into public generative AI tools like ChatGPT, and the practice is creating a ticking privacy time bomb. That’s the...
KB5064081 Fix Ends Windows 11 CertEnroll Event ID 57 Bombardment
Microsoft has shipped a targeted fix in the August 29, 2025 optional preview update KB5064081, silencing the persistent but harmless Event ID 57 entries that have been flooding Windows 11 Event...
Windows 11 24H2 NTLMv1 SSO Block Enforces in 2026—Audit Now
Microsoft will flip a default switch in October 2026 that blocks single sign-on requests relying on NTLMv1-derived cryptography in Windows 11 24H2 and Windows Server 2025. The change is gated by a...
RDP Timing Attacks Explode to 30,000 Malicious IPs in Pre-Attack Reconnaissance on U.S. Schools
Last week, threat intelligence firm GreyNoise observed a coordinated scanning campaign targeting Microsoft Remote Desktop Protocol (RDP) services that rapidly escalated from an initial wave of nearly...
Microsoft Copilot's Policy Flaw Allows Blocked AI Agents to Resurface, Creating Governance and Audit Nightmares
Enterprise administrators who thought they had locked down Microsoft 365 Copilot agents are discovering that tenant-wide "No users can access" settings have been silently ignored for certain agents,...
Exchange Online's New Message Trace Hits GA, Legacy Tools Deprecated September 2025
Microsoft has moved the overhauled Message Trace experience in Exchange Online to general availability, bringing a faster UI, new PowerShell cmdlets, and a firm September 1, 2025 deadline for the...
Copilot Agent Blocking Broken: Admins Discover Policies Fail Across Teams, Outlook
Organizations relying on Microsoft Copilot's agent policies to restrict AI access are confronting a stark reality: the controls have been breaking silently. In recent weeks, multiple independent...
Microsoft Fixes CVE-2025-55229 Certificate Spoofing Bug Threatening TLS, VPNs, and Code Signing
Microsoft this week disclosed CVE-2025-55229, a high-impact spoofing vulnerability in Windows certificate handling that allows attackers to bypass signature verification over a network. The flaw,...
Copilot Audit Bypass: Microsoft's Silent Patch Leaves Log Integrity in Question
A routine prompt tweak—adding “do not include a link”—is all it takes to make Microsoft Copilot quietly access and summarize sensitive files without generating the audit record that...
Microsoft Quietly Patches Copilot Audit-Log Bypass, Keeps Customers in the Dark
Security researchers have uncovered a critical blind spot in Microsoft’s Purview audit logging for Copilot: certain prompts can retrieve sensitive file contents without leaving any trace in audit...
Microsoft 365 Copilot’s Missing Audit Logs: The Hidden Risk Behind Zero-Click Data Leaks
When Microsoft patched CVE-2025-32711 in June 2025, it closed a critical zero-click vulnerability that allowed attackers to silently siphon sensitive data through Microsoft 365 Copilot. Dubbed...
Power Platform Monitor Alerts: Set Health Thresholds and Catch App Issues Early in Public Preview
Power Platform Monitor Alerts, now in public preview, puts a long-awaited early-warning system into the hands of tenant and environment administrators. Instead of manually refreshing dashboards or...