Tag: Microsoft Security Blog

Incident response is never orderly. Threat actors don’t wait. Environments are compromised. Data is missing. Confidence is shaken. But for Microsoft’s Incident Response (IR) team, that chaos is exactly where the work begins. The post Inside Microsoft Threat Intelligence: Calm…

Read more →

Storm-1175, a financially motivated actor known for deploying Medusa ransomware and exploiting public-facing applications for initial access, was observed exploiting the deserialization vulnerability in GoAnywhere MFT’s License Servlet, tracked as CVE-2025-10035. We are publishing this blog post to increase awareness…

Read more →

Microsoft has been named a Leader in IDC’s inaugural category for Worldwide Extended Detection and Response (XDR) Software for 2025, recognized for its deep integration, intelligent automation, and unified security operations solutions. The post Microsoft named a Leader in the…

Read more →

At Microsoft, we believe that cybersecurity is as much about people as it is about technology. Explore some of our resources for Cybersecurity Awareness Month to stay safe online. The post Cybersecurity Awareness Month: Security starts with you appeared first…

Read more →

Microsoft Sentinel is expanding into an agentic platform with general availability of the Sentinel data lake, and the public preview of Sentinel graph and Sentinel Model Context Protocol (MCP) server.  The post Empowering defenders in the era of agentic AI with Microsoft Sentinel appeared…

Read more →

To empower customers in becoming Frontier, we’re excited to announce the launch of the reimagined Microsoft Marketplace, your trusted source for cloud solutions, AI apps and agents. The post Introducing Microsoft Marketplace — Thousands of solutions. Millions of customers. One Marketplace.…

Read more →

Microsoft Threat Intelligence has uncovered a new variant of the XCSSET malware, which is designed to infect Xcode projects, typically used by software developers building Apple or macOS-related applications. The post XCSSET evolves again: Analyzing the latest updates to XCSSET’s…

Read more →

In the latest edition of our Cyberattack Series, we dive into real-world cases targeting retail organizations. With 60% of retail companies reporting operational disruptions from cyberattacks and 43% experiencing breaches in the past year, the stakes have never been higher.…

Read more →

Microsoft Threat Intelligence recently detected and blocked a credential phishing campaign that likely used AI-generated code to obfuscate its payload and evade traditional defenses, demonstrating a broader trend of attackers leveraging AI to increase the effectiveness of their operations and…

Read more →

A recent Total Economic Impact™ (TEI) Of Microsoft Purview study by Forrester Consulting, commissioned by Microsoft, offers valuable insights into how organizations are modernizing their data protection strategies. The study covers the tangible benefits of unifying data security, data governance…

Read more →

​The latest 2025 commissioned Forrester Consulting Total Economic Impact™ (TEI) study reveals a 242% ROI over three years for organizations that chose Microsoft Defender. It helps security leaders consolidate tools, reduce overhead, and empower their SecOps teams with operational efficiencies…

Read more →

The Microsoft Fabric and Purview teams are thrilled to participate in the European Microsoft Fabric Community Conference Sept. 15-18, 2025 in Vienna, Austria. The event is Microsoft’s largest tech conference in Europe, where data professionals gather to connect and share…

Read more →

Microsoft Azure is announcing the start of Phase 2 multi-factor authentication enforcement at the Azure Resource Manager layer, starting October 1, 2025. The post Azure mandatory multifactor authentication: Phase 2 starting in October 2025 appeared first on Microsoft Security Blog.…

Read more →

Financially motivated threat actor Storm-0501 has continuously evolved their campaigns to achieve sharpened focus on cloud-based tactics, techniques, and procedures (TTPs). While the threat actor has been known for targeting hybrid cloud environments, their primary objective has shifted from deploying…

Read more →

For a third year a row, Microsoft has been named the number one leader for endpoint security market share, as featured in a new IDC report. The post Microsoft ranked number one in modern endpoint security market share third year…

Read more →

​In this blog you will hear directly from Corporate Vice President and Deputy Chief Information Security Officer (CISO) for Identity, Igor Sakhnov, about how to secure and govern autonomous agents. This blog is part of a new ongoing series where…

Read more →

The ClickFix social engineering technique has been growing in popularity, with campaigns targeting thousands of enterprise and end-user devices daily. This technique exploits users’ tendency to resolve technical issues by tricking them into running malicious commands. These commands, in turn,…

Read more →

Microsoft is proactively leading the transition to quantum-safe security by advancing post-quantum cryptography, collaborating with global standards bodies, and helping organizations prepare for the coming quantum era. The post Quantum-safe security: Progress towards next-generation cryptography appeared first on Microsoft Security…

Read more →

Microsoft recently spoke with Mario Ferket, Chief Information Security Officer for Dow, about the company’s approach to AI in security. The post Dow’s 125-year legacy: Innovating with AI to secure a long future appeared first on Microsoft Security Blog. This…

Read more →

The Phishing Triage Agent in Microsoft Defender is now available in Public Preview. It tackles one of the most repetitive tasks in the SOC: handling reports of user-submitted phish. The post Announcing public preview: Phishing triage agent in Microsoft Defender…

Read more →