At Microsoft, we have commitments to ensuring Trustworthy AI and are building industry-leading supporting technology. Our commitments and capabilities go hand in hand to make sure our customers and developers are protected at every layer. Building on our commitments, today…
Category: Microsoft Security Blog
Securing our future: September 2024 progress update on Microsoft’s Secure Future Initiative (SFI)
Since the Secure Future Initiative (SFI) began, we’ve dedicated the equivalent of 34,000 full-time engineers to SFI—making it the largest cybersecurity engineering effort in history. And now, we’re sharing key updates and milestones from the first SFI Progress Report. The…
Join us at Microsoft Ignite 2024 and learn to build a security-first culture with AI
Join us in November 2024 in Chicago for Microsoft Ignite to connect with industry leaders and learn about our newest solutions and innovations.
How comprehensive security simplifies the defense of your digital estate
End-to-end security is a modern, comprehensive approach to data protection that aligns data protection and incident response across devices, systems, and users. Read the blog post to explore why it’s an attractive option for organizations committed to strengthening their cybersecurity.…
The art and science behind Microsoft threat hunting: Part 3
In this blog post, read how Microsoft Incident Response leverages three types of threat intelligence to enhance incident response scenarios.
Peach Sandstorm deploys new custom Tickler malware in long-running intelligence gathering operations
Between April and July 2024, Microsoft observed Iranian state-sponsored threat actor Peach Sandstorm deploying a new custom multi-stage backdoor, which we named Tickler. Tickler has been used in attacks against targets in the satellite, communications equipment, oil and gas, as…
Microsoft again ranked number one in modern endpoint security market share
IDC Worldwide Corporate Endpoint Security Market Shares report for 2023 ranks Microsoft number one in market share with a 40.7% increase in share over last year.
Chained for attack: OpenVPN vulnerabilities discovered leading to RCE and LPE
Microsoft researchers found multiple vulnerabilities in OpenVPN that could lead to an attack chain allowing remote code execution and local privilege escalation. This attack chain could enable attackers to gain full control over targeted endpoints, potentially resulting in data breaches,…
How Microsoft and NIST are collaborating to advance the Zero Trust Implementation
Both Microsoft and the National Institute of Standards and Technology (NIST) National Cybersecurity Center of Excellence (NCCoE) have translated the Zero Trust Architecture (ZTA) and Security Model into practical and actionable deployment. In this blog post, we explore details…
New Microsoft whitepaper shares how to prepare your data for secure AI adoption
In our newly released whitepaper, we share strategies to prepare for the top data challenges and new data security needs in the age of AI.
Windows Security best practices for integrating and managing security tools
We examine the recent CrowdStrike outage and provide a technical overview of the root cause.
Ransomware operators exploit ESXi hypervisor vulnerability for mass encryption
Microsoft Security researchers have observed a vulnerability used by various ransomware operators to get full administrative access to domain-joined ESXi hypervisors and encrypt the virtual machines running on them. The vulnerability involves creating a group called “ESX Admins” in Active…
Onyx Sleet uses array of malware to gather intelligence for North Korea
On July 25, 2024, the United States Department of Justice (DOJ) indicted an individual linked to the North Korean threat actor that Microsoft tracks as Onyx Sleet. Microsoft Threat Intelligence collaborated with the Federal Bureau of Investigation (FBI) in tracking…
Zero Trust in the Age of AI: Join our online event to learn how to strengthen your security posture
Register for the “Zero Trust in the Age of AI” webcast to learn more about how our new capabilities in identity and network access and security operations make it easier to implement Zero Trust across your entire environment.
Connect with Microsoft Security at Black Hat USA 2024
Join Microsoft Security leaders and other security professionals from around the world at Black Hat USA 2024 to learn the latest information on security in the age of AI, cybersecurity protection, threat intelligence insights, and more.
Microsoft Purview Data Governance will be generally available September 1, 2024
Microsoft Purview Data Governance will become generally available to enterprise customers on September 1, 2024. It helps today’s data leaders solve their key data governance and security challenges in one unified AI-powered and business-friendly solution.
Simplified Zero Trust security with the Microsoft Entra Suite and unified security operations platform, now generally available
Microsoft is announcing the Microsoft Entra Suite and the unified security operations platform, two innovations that simplify the implementation of your Zero Trust security strategy.
Vulnerabilities in PanelView Plus devices could lead to remote code execution
Microsoft discovered and responsibly disclosed two vulnerabilities in Rockwell’s PanelView Plus that could be remotely exploited by unauthenticated attackers, allowing them to perform remote code execution (RCE) and denial-of-service (DoS). PanelView Plus devices are graphic terminals, which are known as…
Working with a cybersecurity committee of the board
Learn about the rise of cybersecurity committees and how the CISO and IT security team can work with them to produce the best result for the organization’s IT security and enable digital transformation.