Microsoft security blog In this post we are providing information about AI jailbreaks, a family of vulnerabilities that can occur when the defenses implemented to protect AI from producing harmful content fail. Mar 6, 2025 · Microsoft detected a large-scale malvertising campaign in early December 2024 that impacted nearly one million devices globally. Feb 10, 2025 · To learn more about Microsoft Security solutions, visit our website. 1 To counter these threats, Microsoft is continuously aggregating signal and threat intelligence across the Apr 3, 2024 · Today, I am excited to announce the public preview of our unified security operations platform. The ultimate guide to Microsoft Security at RSAC 2025 Feb 14, 2025 · Microsoft Threat Intelligence Center discovered an active and successful device code phishing campaign by a threat actor we track as Storm-2372. 2 58% of organizations surveyed expressed concern about the unsanctioned use of generative AI at their companies, and the general lack Jan 13, 2025 · Microsoft discovered a macOS vulnerability allowing attackers to bypass System Integrity Protection (SIP) by loading third party kernel extensions, which could lead to serious consequences, such as allowing attackers to install rootkits, create persistent malware, bypass Transparency, Consent, and Control (TCC), and expand the attack surface to perform other unauthorized operations. Microsoft is […] Mar 4, 2025 · Learn more with Microsoft Security. This security-specific model in turn Dec 18, 2024 · Microsoft Security Blog highlights the latest News to keep you in-the-know on what's happening in digital security and threat intelligence. May 9, 2022 · Microsoft coined the term “human-operated ransomware” to clearly define a class of attack driven by expert human intelligence at every step of the attack chain and culminate in intentional business disruption and extortion. 
Microsoft Defender Experts for XDR is a mature and proven service that triages, investigates, and responds to incidents and hunts for threats on a customer’s behalf around the clock. NET machine key to inject malicious code and deliver the Godzilla post-exploitation framework. To learn more about Microsoft Security solutions, visit our website. During my day job as a Security Engineer, I assist my customers in achieving a safer and more secure work environment. Now, we are sharing the second SFI progress report, which highlights progress made in our multi-year journey to improve the security posture of Microsoft, our customers, and the industry at large. Oct 31, 2024 · Since August 2023, Microsoft has observed intrusion activity targeting and successfully stealing credentials from multiple Microsoft customers that is enabled by highly evasive password spray attacks. Microsoft has linked the source of these password spray attacks to a network of compromised devices we track as CovertNetwork-1658, also known as xlogin and Quad7 (7777). Microsoft Defender Threat Intelligence Aug 24, 2023 · Microsoft Sentinel. Savings are based on publicly available estimated pricing for other vendor solutions and web direct/based price shown for Mar 13, 2025 · To learn more about Microsoft Security solutions, visit our website. Microsoft Threat Sep 21, 2023 · To learn more about Microsoft Security solutions, visit our website. 3 days ago · Learn more with Microsoft Security. Nov 22, 2024 · The talk DPRK – All grown up will cover how the Democratic People’s Republic of Korea (DPRK) has successfully built computer network exploitation capability over the past 10 years and how threat actors have enabled North Korea to steal billions of dollars in cryptocurrency as well as target organizations associated with satellites and weapons systems. Microsoft Defender XDR May 30, 2024 · Securing your IoT with Edge Secured-core devices . 
Sep 26, 2024 · Microsoft has observed the threat actor tracked as Storm-0501 launching a multi-staged attack where they compromised hybrid cloud environments and performed lateral movement from on-premises to cloud environment, leading to data exfiltration, credential theft, tampering, persistent backdoor access, and ransomware deployment. Mar 19, 2024 · To learn more about Microsoft Security solutions, visit our website. 2022. These capabilities can also be used to secure and govern AI apps built with the DeepSeek R1 model and the use of the DeepSeek app. Dec 15, 2022 · Figure 1: Potential cost savings of up to 60 percent when consolidating security solutions by using Microsoft 365 E5 Compliance and Security add-ons to a Microsoft 365 E3 license—instead of using multiple-point solutions. Dec 18, 2020 · Using Microsoft 365 Defender to protect against Solorigate . EDR in block mode works behind the scenes to remediate malicious artifacts that are Aug 2, 2022 · Uncover adversaries with new Microsoft Defender threat intelligence products. 6 Tenants that retain security defaults experience 80% fewer compromised accounts than unprotected tenants Feb 6, 2025 · Microsoft Threat Intelligence observed limited activity by an unattributed threat actor using a publicly available, static ASP. The attack originated from illegal streaming websites embedded with malvertising redirectors and ultimately redirected users to GitHub to deliver initial access payloads as the start of a modular and multi-stage attack chain. Mar 2, 2021 · Microsoft has detected multiple 0-day exploits being used to attack on-premises versions of Microsoft Exchange Server in limited and targeted attacks. Secret Blizzard co-opts SideCopy’s infrastructure to target Afghanistan government; Hunting queries . Explore the latest research and insights from Microsoft Threat Intelligence community on various threats, actors, tools, and techniques. 
This is the first time we have identified a shift in Star Blizzard’s longstanding tactics, techniques, and procedures (TTPs) to leverage a […] Dec 4, 2024 · Microsoft Security Copilot customers can also use the Microsoft Security Copilot integration in Microsoft Defender Threat Intelligence to get more information about this threat actor. The rollout of the above has closed this gap and made Defender for Office 365 effective against these attacks, and as the use of QR codes expands, our Jul 27, 2024 · Microsoft engages with third-party security vendors through an industry forum called the Microsoft Virus Initiative (MVI). He outlines the three core principles and six pillars of SFI and the accountability measures for the senior leadership team. Jun 16, 2022 · Bookmark the Security blog to keep up with our expert coverage on security matters. To simplify your IoT security journey, today, we’re announcing the availability of Windows IoT Edge Secured-core devices available in the Azure Certified Device catalog from Lenovo, ASUS and AAEON, additionally we’re also announcing the availability of devices that meet the Microsoft sponsored Edge Compute Node protection profile which is Jan 16, 2025 · In mid-November 2024, Microsoft Threat Intelligence observed the Russian threat actor we track as Star Blizzard sending their typical targets spear-phishing messages, this time offering the supposed opportunity to join a WhatsApp group. This helps users drive consistency across their multicloud and multiplatform data estate and simplify risks related to data leaks, oversharing, and risky user behavior as more users are managing Dec 12, 2024 · To learn more about Microsoft Security solutions, visit our website. Dec 10, 2024 · Microsoft Security provides cyberthreat protection, posture management, data security, compliance and governance, and AI safety, to secure AI applications that you build and use. 
Bookmark the Security blog to keep up with our expert coverage on security matters. The threat landscape is more sophisticated than ever and damages have soared—the Federal Bureau of Investigation’s 2021 IC3 report found that the cost of cybercrime now totals more than USD6. In the course of investigating, remediating, and building protections against this activity, we observed an insecure practice whereby developers have incorporated various Nov 4, 2024 · Why security teams rely on Microsoft Defender Experts for XDR for managed detection and response . Dec 10, 2024 · Unify how you protect and govern your data with Microsoft Purview. To simplify your IoT security journey, today, we’re announcing the availability of Windows IoT Edge Secured-core devices available in the Azure Certified Device catalog from Lenovo, ASUS and AAEON, additionally we’re also announcing the availability of devices that meet the Microsoft sponsored Edge Compute Node protection profile which is Jun 3, 2024 · To learn more about Microsoft Security solutions, visit our website. In this blog, we explain the ransomware as a service (RaaS) affiliate model and disambiguate between the attacker tools and the various threat actors at play during a Dec 11, 2024 · To learn more about Microsoft Security solutions, visit our website. Apr 21, 2025 · The Microsoft Secure Future Initiative (SFI) stands as the largest cybersecurity engineering project in history and most extensive effort of its kind at Microsoft. Storm-2372’s targets during this time May 3, 2024 · Microsoft is implementing a new security governance framework spearheaded by the Chief Information Security Officer (CISO). This article will be a useful Jul 11, 2023 · Nation-state threat actor Mint Sandstorm refines tradecraft to attack high-value targets . 
Apr 8, 2025 · Microsoft Threat Intelligence Center (MSTIC) and Microsoft Security Response Center (MSRC) have discovered post-compromise exploitation of a newly discovered zero-day vulnerability in the Windows Common Log File System (CLFS) against a small number of targets. The said attack targeted multiple sectors in the United States Jun 4, 2024 · Microsoft security researchers, in partnership with other security experts, continue to proactively explore and discover new types of AI model and system vulnerabilities. 9 billion. Microsoft released security updates to address the vulnerability, tracked as CVE-2025-29824, on April 8, 2025. When we announced a limited preview in November 2023, it was one of the first security operations center platforms that brought together the full capabilities of an industry-leading cloud-native security information and event management (SIEM), comprehensive extended detection and response (XDR Jul 5, 2023 · To learn more about Microsoft Security solutions, visit our website. May 15, 2024 · In addition to protecting customers from observed malicious activity, Microsoft is investigating the use of Quick Assist in these attacks and is working on improving the transparency and trust between helpers and sharers, and incorporating warning messages in Quick Assist to alert users about possible tech support scams. Read the latest articles and updates on Microsoft security products and services, such as Purview, Defender, Copilot, and more. Also, follow us on LinkedIn (Microsoft Security) and Twitter (@MSFTSecurity) for the latest news and updates on cybersecurity. Microsoft Defender Threat Intelligence. Feb 9, 2022 · With a 1,070 percent increase in ransomware attacks year-over-year between July 2020 and June 2021, staying on top of attack trends—such as ransomware and supply chain threats—is more important than ever. 
In a recent survey on the state of generative AI, business leaders expressed optimism on the potential of AI, but shared their struggle to gain full visibility into their AI programs—creating data security and compliance risks. Nov 4, 2024 · The enhancements of Microsoft Defender for Office 365 to defend against QR code-based phishing attacks showcased our need to advance Microsoft’s email and collaboration security faster. Aug 26, 2021 · Microsoft has been actively tracking a widespread credential phishing campaign using open redirector links, which allow attackers to use a URL in a trusted domain and embed the eventual final malicious URL as a parameter. Nov 6, 2024 · The Microsoft Security Adoption Framework (SAF) which includes the Microsoft Cybersecurity Reference Architecture and the Chief Information Security Officer (CISO) Workshop. Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity. Security Copilot combines OpenAI large language model with a security-specific model from Microsoft. For RSAC 2025, Microsoft Security is bringing an exciting lineup of sessions, expert panels, and exclusive networking opportunities to empower security professionals in the era of AI. Read the latest posts on Microsoft's Secure Future Initiative, cyber signals, security events, and more. Dec 11, 2024 · Microsoft Security Copilot customers can also use the Microsoft Security Copilot integration in Microsoft Defender Threat Intelligence either in the Security Copilot standalone portal or in the embedded experience in the Microsoft Defender portal, to get more information about this threat actor. Hello! My name is Myron Helgering, and I’ve been working with Microsoft 365 since 2013. In the attacks observed, threat actors used this vulnerability to access on-premises Exchange servers, which enabled access to email accounts, and install additional malware to facilitate long-term access to victim environments. 
Jan 28, 2025 · To complement security defaults, we started rolling out Microsoft-managed Conditional Access policies for all new tenants to ensure you benefit from baseline risk-based security policies that are pre-configured and turned on by default. Jul 30, 2024 · Preparing data for AI adoption. Today, Microsoft is reporting on a distinct subset of Mint Sandstorm (formerly known as PHOSPHORUS), an Iranian threat actor that specializes in hacking into and stealing sensitive information from high-value targets. This group consists of Microsoft and Security Industry and was created to establish a dialogue and collaboration across the Windows security ecosystem to improve robustness in the way security products use the platform. Look for updates and announcements in the Microsoft Security Blog and check Microsoft Learn for Zero Trust guidance for Government customers to stay up to date with the latest information. Microsoft Sentinel customers can use the TI Mapping analytics (a series of analytics all prefixed with ‘TI map’) to automatically match the malicious domain indicators mentioned in this blog post with data in their workspace. With seamless onboarding, it helps safeguard you Dec 5, 2024 · To learn more about Microsoft Security solutions, visit our website. This blog is a comprehensive guide for security operations and incident response teams using Microsoft 365 Defender to identify, investigate, and respond to the Solorigate attack if it’s found in your environment. This is your chance to gain Feb 7, 2025 · Read the latest posts from the MSRC blog, covering topics such as bug bounty programs, zero day quest, AI security, and more. 1 According to Microsoft Azure Active Directory (Azure AD) authentication log data. 
May 24, 2023 · Run endpoint detection and response (EDR) in block mode so that Microsoft Defender for Endpoint can block malicious artifacts, even when your non-Microsoft antivirus does not detect the threat, or when Microsoft Defender Antivirus is running in passive mode. The post The ultimate guide to Microsoft Security at RSAC 2025 appeared first on Microsoft Security Blog. Dec 5, 2024 · Securing your IoT with Edge Secured-core devices . Mar 31, 2025 · Microsoft Purview is extending its proven data security value delivered to millions of Microsoft 365 users worldwide, to the Microsoft data platform. Security is not an IT problem; it is a company risk. Bookmark the Security blog to keep up with our Oct 31, 2024 · To learn more about Microsoft Security solutions, visit our website. In mid-November 2024, Microsoft Threat Intelligence observed the Russian threat actor we track as Star Blizzard sending their typical targets spear-phishing messages, this time offering the supposed opportunity to join a WhatsApp group. 5 days ago · The official blog of Microsoft Security, covering topics such as AI and machine learning, threat intelligence, security management, and industry trends. Oct 1, 2024 · To learn more about Microsoft Security solutions, visit our website. Apr 16, 2025 · Microsoft Security Copilot is a generative AI-powered assistant for daily operations in security and IT that empowers teams to manage and protect at the Mar 11, 2025 · Blogs Microsoft Security Response Center; Security Research & Defense; BlueHat Conference Blog; This is an abridged translation of Enhancing security and incentivizing innovation. Mar 28, 2023 · Introducing Microsoft Security Copilot—End-to-end defense at machine speed and scale. Aug 6, 2024 · To learn more about Microsoft Security solutions, visit our website. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity. Oct 11, 2024 · Next steps with Microsoft Security. 
Dec 19, 2024 · We’ve already launched more features aligned to the principles of Zero Trust—including Microsoft Security Exposure Management (MSEM) and more. May 3, 2024 · Satya Nadella shares how Microsoft will commit to the Secure Future Initiative (SFI) and prioritize security above all else in the face of sophisticated cyberattacks. This framework introduces a partnership between engineering teams and newly formed Deputy CISOs, collectively responsible for overseeing SFI, managing risks, and reporting progress directly to the Senior Leadership Team. Our ongoing investigation indicates that this campaign has been active since August 2024 with the actor creating lures that resemble messaging app experiences including WhatsApp, Signal, and Microsoft Teams. Keep up with what’s happening in security: Get the latest reports on security trends and platform innovations directly from Microsoft Security leaders. Learn how Microsoft Defender products and services can help protect you from cyber attacks. Aug 15, 2022 · New Star Blizzard spear-phishing campaign targets WhatsApp accounts . Learn from experts and join webinars on topics like AI, compliance, and cyber resilience. Apr 23, 2024 · To learn more about Microsoft Security solutions, visit our website. Learn how Microsoft and the security community collaborate to protect customers and users from threats. Unlike traditional data security and governance strategies that require disparate solutions to achieve comprehensive data protection, Microsoft Purview is purpose-built to unify data security, governance, and compliance into a single platform experience. Apr 11, 2024 · To learn more about Microsoft Security solutions, visit our website. Mar 18, 2025 · These sessions will provide you with practical insights and hands-on experiences to strengthen your security posture and leverage AI-driven solutions effectively. 
Microsoft Security Copilot is the first security product to enable defenders to move at the speed and scale of AI. 1 To successfully detect and defend against security threats, we need to come together as a community and share our expertise, research, intelligence, and insights. Microsoft Defender for Storage is a cloud-native, agentless security solution within Microsoft Defender for Cloud, part of Microsoft’s CNAPP offering.