An essential part of shipping software securely is red teaming. It broadly refers to the practice of emulating real-world adversaries and their tools, tactics, and procedures to identify risks, uncover blind spots, validate assumptions, and improve the overall security posture of systems. Microsoft has a rich history of[…]
Read More
Today we released the fifth edition of Cyber Signals, spotlighting threats to large venues, and sporting and entertainment events, based on our learnings and telemetry from delivering cybersecurity support to critical infrastructure facilities during the State of Qatar’s hosting of the FIFA World Cup 2022™. Cybersecurity threats to[…]
Read More
Microsoft Threat Intelligence has identified highly targeted social engineering attacks using credential theft phishing lures sent as Microsoft Teams chats by the threat actor that Microsoft tracks as Midnight Blizzard (previously tracked as NOBELIUM). This latest attack, combined with past activity, further demonstrates Midnight Blizzard’s ongoing execution of[…]
Read More
In the ever-evolving world of cybersecurity, email remains a primary attack vector for cybercriminals, making effective email protection a foundational piece of any organization’s security strategy. In Q1 2023, Microsoft was once again part of an evaluation of email security platforms conducted by SE Labs. SE Labs has[…]
Read More
Now in its twenty-sixth year, Black Hat USA takes place August 5 to 10, 2023, at Mandalay Bay in Las Vegas, Nevada, bringing together security professionals for the latest in information security research, development, and trends. Microsoft Security is pleased to have a presence at Black Hat, with[…]
Read More
In cloud environments, cryptojacking – a type of cyberattack that uses computing power to mine cryptocurrency – takes the form of cloud compute resource abuse, which involves a threat actor compromising legitimate tenants. Cloud compute resource abuse could result in financial loss to targeted organizations due to the[…]
Read MoreThe security community is continuously changing, growing, and learning from each other to better position the world against cyberthreats. In the latest post of our Community Voices blog series, Microsoft Security Senior Product Marketing Manager Brooke Lynn Weenig talks with Truesec Chief Chaos Officer Jayson Street, who wrote “Dissecting the Hack: the f0rb1dd3n Network” series and featured on[…]
Read More
Microsoft Power Platform continues to be a leader in the low-code/no-code revolution across the globe, transforming opportunities for individuals and businesses to foster a deeper learning culture of empowering everyone from business users, IT pros, and citizen developers to pro developers. Today, we’re thrilled to be the lead[…]
Read More
As Department of Defense (DoD) Chief Information Officer Hon. John Sherman said recently, Cybersecurity Maturity Model Certification (CMMC) is necessary to ensure that the United States raises the bar for protecting sensitive information.1 The DoD is leading by example towards this goal by implementing Zero Trust practices and[…]
Read More
It has been an eventful time since the introduction of Microsoft Security Experts.1 We launched Defender Experts for Hunting, our first-party managed threat hunting service for customers who want Microsoft to help them proactively hunt threats across endpoints, Microsoft Office 365, cloud applications, and identity.2 We also participated[…]
Read More