As Department of Defense (DoD) Chief Information Officer Hon. John Sherman said recently, Cybersecurity Maturity Model Certification (CMMC) is necessary to ensure that the United States raises the bar for protecting sensitive information.1 The DoD is leading by example towards this goal by implementing Zero Trust practices and[…]
Read MoreIt has been an eventful time since the introduction of Microsoft Security Experts.1 We launched Defender Experts for Hunting, our first-party managed threat hunting service for customers who want Microsoft to help them proactively hunt threats across endpoints, Microsoft Office 365, cloud applications, and identity.2 We also participated[…]
Read MoreIn response to the increasing frequency and evolution of nation-state cyberthreats, Microsoft is taking additional steps to protect our customers and increase the secure-by-default baseline of our cloud platforms. These steps are the result of close coordination with commercial and government customers, and with the Cybersecurity and Infrastructure[…]
Read MoreOn July 18, 2023, we published the 2023 release wave 2 plans for Microsoft Dynamics 365 and Microsoft Power Platform, a compilation of new capabilities planned to be released between October 2023 and March 2024. This second release wave of the year offers hundreds of new features, including AI capabilities and enhancements, demonstrating[…]
Read MoreAt Microsoft Inspire 2023, we celebrate our partners and thank them for their innovation, contributions, and support over the past year. Today, we’re happy to announce Power Automate Process Mining will become generally available on August 1, 2023. Process intelligence is changing the way businesses optimize their processes, save[…]
Read MoreCybersecurity is one of the most pressing challenges of our time. With an ever-changing threat landscape and siloed data across multiple security point solutions, defenders have limited visibility. It’s difficult to stay current and find cybersecurity professionals amid the global talent shortage. Attacks are quickly becoming more automated[…]
Read MoreExecutive summary On July 11, 2023, Microsoft published two blogs detailing a malicious campaign by a threat actor tracked as Storm-0558 that targeted customer email that we’ve detected and mitigated: Microsoft Security Response Center and Microsoft on the Issues. As we continue our investigation into this incident and deploy[…]
Read MoreMicrosoft has identified a phishing campaign conducted by the threat actor tracked as Storm-0978 targeting defense and government entities in Europe and North America. The campaign involved the abuse of CVE-2023-36884, which included a remote code execution vulnerability exploited before disclosure to Microsoft via Word documents, using lures[…]
Read MoreA year ago when we announced the Microsoft Entra product family, we asked what the world could achieve if we had trust in every digital experience and interaction.1 This question inspired us to offer a vision for securing the millions and millions of connections that happen every second[…]
Read MoreWe know customers of every size face ever-increasing security risks. In just the last 12 months the speed of attackers leveraging breaches is also increasing, as it only takes 72 minutes on average for an attacker to access private data from the time a user falls victim to[…]
Read More