As October draws to a close, marking 21 years of Cybersecurity Awareness Month, cyberattacks continue to be a challenge for businesses of all sizes, however, small and medium businesses (SMBs) face distinct challenges when it comes to cybersecurity. Although SMBs face heightened cybersecurity threats, unlike large enterprises, they[…]
Read More
Now more than ever is the time for every organization to prioritize security. The use of AI by cyberattackers gives them an asymmetric advantage over defenders, as cyberattackers only have to be right once, while defenders have to be right 100% of the time. The way to win[…]
Read More
Since October 22, 2024, Microsoft Threat Intelligence has observed Russian threat actor Midnight Blizzard sending a series of highly targeted spear-phishing emails to individuals in government, academia, defense, non-governmental organizations, and other sectors. This activity is ongoing, and Microsoft will continue to investigate and provide updates as available.[…]
Read More
We’ve launched 2024 release wave 2 for Microsoft Dynamics 365, Microsoft Power Platform, and role-based Microsoft Copilot offerings—introducing a rollout of new features and enhanced capabilities releasing between October 2024 and March 2025. These updates include advanced Copilot capabilities for Microsoft 365 Copilot for Sales, Copilot for Service,[…]
Read MoreHealthcare organizations are an increasingly attractive target for threat actors. In a new Microsoft Threat Intelligence report, US healthcare at risk: strengthening resiliency against ransomware attacks, our researchers identified that ransomware continues to be among the most common and impactful cyberthreats targeting organizations. The report offers a holistic[…]
Read MoreHealthcare organizations are an increasingly attractive target for threat actors. In a new Microsoft Threat Intelligence report, US healthcare at risk: strengthening resiliency against ransomware attacks, our researchers identified that ransomware continues to be among the most common and impactful cyberthreats targeting organizations. The report offers a holistic[…]
Read More
Microsoft Threat Intelligence uncovered a macOS vulnerability that could potentially allow an attacker to bypass the operating system’s Transparency, Consent, and Control (TCC) technology and gain unauthorized access to a user’s protected data. The vulnerability, which we refer to as “HM Surf”, involves removing the TCC protection for[…]
Read More
Microsoft Threat Intelligence uncovered a macOS vulnerability that could potentially allow an attacker to bypass the operating system’s Transparency, Consent, and Control (TCC) technology and gain unauthorized access to a user’s protected data. The vulnerability, which we refer to as “HM Surf”, involves removing the TCC protection for[…]
Read More
Microsoft customers face more than 600 million cybercriminal and nation-state attacks every day, ranging from ransomware to phishing to identity attacks. Once again, nation-state affiliated threat actors demonstrated that cyber operations—whether for espionage, destruction, or influence—play a persistent supporting role in broader geopolitical conflicts. Also fueling the escalation[…]
Read MoreAs cyberthreats continue to evolve, it’s essential for security professionals to stay informed about the latest attack vectors and defense mechanisms. Kerberoasting is a well-known Active Directory (AD) attack vector whose effectiveness is growing because of the use of GPUs to accelerate password cracking techniques. Because Kerberoasting enables cyberthreat[…]
Read More