Category: Microsoft Security Blog

Since April 2024, the threat actor that Microsoft Threat Intelligence tracks as Marbled Dust has been observed exploiting user accounts that have not applied fixes to a zero-day vulnerability (CVE-2025-27920) in the messaging app Output Messenger, a multiplatform chat software.…

Read more →

Since April 2024, the threat actor that Microsoft Threat Intelligence tracks as Marbled Dust has been observed exploiting user accounts that have not applied fixes to a zero-day vulnerability (CVE-2025-27920) in the messaging app Output Messenger, a multiplatform chat software.…

Read more →

Meet the minds behind how Microsoft prioritizes cybersecurity across every team and employee. Three deputy chief information security officers share their experiences in cybersecurity and how they are redefining protection. The post Meet the Deputy CISOs who help shape Microsoft’s…

Read more →

In 2024 alone, scammers drained the global economy of more than $1.03 trillion. Together, Microsoft and the other members of GASA hope to stem these losses going forward. The post Microsoft partners with Global Anti-Scam Alliance to fight cybercrime appeared…

Read more →

Microsoft uncovered a vulnerability in macOS that could allow specially crafted codes to escape the App Sandbox and run unrestricted on the system. We shared our findings with Apple and a fix was released for this vulnerability, now identified as…

Read more →

Celebrate World Passkey Day with Microsoft! Join us in embracing passkeys for secure, passwordless sign-ins. Learn more about our commitment to a safer digital future. The post Pushing passkeys forward: Microsoft’s latest updates for simpler, safer sign-ins appeared first on…

Read more →

At Microsoft Build 2025, we’re bringing together security engineers, researchers, and developers to share practical tips and modern best practices to help you ship secure code faster. The post 14 secure coding tips: Learn from the experts at Microsoft Build…

Read more →

Congratulations to the winners of the Microsoft Security Excellence Awards that recognize the innovative defenders who have gone above and beyond. The post Microsoft announces the 2025 Security Excellence Awards winners appeared first on Microsoft Security Blog. This article has…

Read more →

Secure, cloud-based endpoint management helps healthcare providers empower frontline staff and improve patient care. The post Faster, more personalized service begins at the frontline with Microsoft Intune appeared first on Microsoft Security Blog. This article has been indexed from Microsoft…

Read more →

Microsoft presents best practices for securing data and optimizing Microsoft Purview implementation, emphasizing the integration of people, processes, and technology. The post ​​Explore practical best practices to secure your data with Microsoft Purview​​ appeared first on Microsoft Security Blog. This…

Read more →

Read the new whitepaper from the Microsoft AI Red Team to better understand the taxonomy of failure mode in agentic AI. The post New whitepaper outlines the taxonomy of failure modes in AI agents appeared first on Microsoft Security Blog.…

Read more →

The dynamic nature of containers can make it challenging for security teams to detect runtime anomalies or pinpoint the source of a security incident, presenting an opportunity for attackers to stay undetected. Microsoft Threat Intelligence has observed threat actors taking…

Read more →

The Microsoft Secure Future Initiative (SFI) stands as the largest cybersecurity engineering project in history and most extensive effort of its kind at Microsoft. Now, we are sharing the second SFI progress report, which highlights progress made in our multi-year…

Read more →

Read about the initiatives Microsoft has undertaken over the past 18 months to support secure by design, secure by default, and secure in operations objectives as part of our SFI Initiative. The post Microsoft’s Secure by Design journey: One year…

Read more →

Microsoft maintains a continuous effort to protect its platforms and customers from fraud and abuse. This edition of Cyber Signals takes you inside the work underway and important milestones achieved that protect customers. The post Cyber Signals Issue 9 |…

Read more →

Since October 2024, Microsoft Defender Experts has observed and helped multiple customers address campaigns leveraging Node.js to deliver malware and other payloads that ultimately lead to information theft and data exfiltration. The post Threat actors misuse Node.js to deliver malware…

Read more →

Microsoft Secure Score is important, but the increasing sophistication of security requirements has driven the development of more comprehensive security initiatives using Microsoft Security Exposure Management. The post ​​Transforming security​ with Microsoft Security Exposure Management initiatives​  appeared first on Microsoft…

Read more →

Register to attend one or all our Learn Live sessions to learn how to secure your environment for AI adoption. The post Explore how to secure AI by attending our Learn Live Series appeared first on Microsoft Security Blog. This…

Read more →

For RSAC 2025, Microsoft Security is bringing an exciting lineup of sessions, expert panels, and exclusive networking opportunities to empower security professionals in the era of AI. The post The ultimate guide to Microsoft Security at RSAC 2025  appeared first…

Read more →

Exchange Server and SharePoint Server are business-critical assets and considered crown-jewels for many organizations, making them attractive targets for attacks. To help customers protect their environments and respond to these attacks, Exchange Server and SharePoint Server integrated Windows Antimalware Scan…

Read more →