Microsoft published a November 2025 progress report for its Secure Future Initiative, reporting steady progress across all areas and engineering pillars. The initiative’s mission is to accelerate innovation, strengthen resilience, and lead the industry toward a safer digital future, with the report underscoring Microsoft’s continued commitment to security.
Microsoft disclosed a new side-channel attack called “Whisper Leak” that enables attackers to infer conversation topics from interactions with remote language models even when communications are encrypted. The finding was published on the Microsoft Security Blog.
IDC research urges CISOs to adopt AI-powered, integrated cloud security platforms—such as CNAPP, XDR, and SIEM—to lower risk, reduce complexity, and improve resilience, according to a Microsoft Security Blog post.
The article explains how new European Union risk-based legislation helps CISOs strengthen cybersecurity for critical infrastructure by encouraging organizations to assess and prioritize risks, align controls with regulatory expectations, and build more resilient systems.
Microsoft Security Blog published an e-book that shows how generative AI can improve Security Operations Centers (SOCs) by reducing alert fatigue, speeding triage, enabling proactive threat hunting, and helping teams get ahead of cyberattacks.
Microsoft DART researchers identified a novel backdoor, dubbed SesameOp, that abuses the OpenAI Assistants API as a covert command-and-control (C2) channel. A component of the backdoor uses the Assistants API as a storage/relay to fetch commands and execute tasks inside compromised environments, avoiding traditional C2 methods.
Microsoft’s blog post summarizes a new e-book that outlines the main challenges organizations face with generative AI, details the top generative AI security threats, and recommends steps companies can take to strengthen their security posture against unpredictable AI risks.
Microsoft announced expanded Identity Threat Detection and Response (ITDR) capabilities, including the new Microsoft Defender for Identity sensor now generally available, delivering improved protection, deeper correlation across signals, and richer contextual information to help organizations modernize their identity defenses.
Microsoft’s Digital Defense Report 2025 highlights a changing cyberthreat landscape with a rise in financially motivated attacks and ongoing nation-state risks. The article argues that CISOs must focus on organizational response, adaptation, and resilience-building to meet accelerating threats.
Microsoft announced the new Microsoft Security Store, a centralized gateway that helps customers discover, purchase, and deploy vetted security solutions and AI agents from leading partners, aiming to simplify procurement and accelerate partner-driven innovation.
Microsoft’s Security Blog highlights that Azure Blob Storage is an attractive, high-value target because it stores massive volumes of unstructured data across many workloads. Threat actors are increasingly using sophisticated attack chains that exploit misconfigurations, exposed credentials, and evolving cloud-specific tactics to compromise Blob Storage.
Microsoft has been recognized again as a Leader in the 2025 Gartner Magic Quadrant for Security Information and Event Management (SIEM), according to a post on the Microsoft Security Blog.
Microsoft reports that extortion and ransomware account for over half of cyberattacks; in 80% of the incidents its security teams investigated last year, attackers attempted to steal data, driven more by financial gain than intelligence gathering.
Microsoft Security Blog warns that customer support tools, now more connected and data-rich, are increasingly targeted by cyberattacks. Hardening these systems is essential to safeguard customer trust, protect sensitive data, and maintain business continuity.
Microsoft introduced ExCyTIn-Bench, an open-source benchmarking tool that evaluates how effectively AI systems perform real-world cybersecurity investigations, aiming to standardize measurement and improve AI-driven defensive capabilities.
Microsoft frames building a lasting security culture as a strategic priority and a call to action: security is people-centered, every employee has a role, and embedding secure practices into how people think, work, and collaborate creates a unified, proactive, and resilient defense for Microsoft and its customers.
Microsoft highlights security as a central theme at Ignite 2025, offering dedicated sessions and hands-on experiences focused on securing agentic AI for security professionals and leaders. The blog points readers to the session catalog for details and scheduling.
Microsoft Threat Intelligence reports a financially motivated actor tracked as Storm-2657 conducting “payroll pirate” attacks against US universities by compromising employee accounts, accessing employee profiles, and diverting salary payments to attacker-controlled accounts.
Microsoft highlights that threat actors are abusing Microsoft Teams features across the attack chain and urges defenders to proactively monitor, detect, and respond. The blog recommends layered countermeasures and optimal controls across identity, endpoints, data and app protection, and network controls to better protect enterprise Teams users.
Microsoft’s Secure Future Initiative (SFI) patterns and practices provide practical, practitioner‑led guidance based on Microsoft’s Zero Trust implementation. The guides are designed to help organizations accelerate security maturity, reduce implementation friction, and build systems that are secure by design, by default, and in operation.
Microsoft’s Incident Response team works effectively amid the disorder caused by fast-moving threat actors, treating compromised environments, missing data, and shaken confidence as the starting point for investigations, as described in the Microsoft Security Blog post “Inside Microsoft Threat Intelligence: Calm in the chaos.”
Microsoft observed active exploitation of CVE-2025-10035, a deserialization vulnerability in the GoAnywhere Managed File Transfer (MFT) License Servlet, by the financially motivated actor Storm-1175 (associated with Medusa ransomware). The blog post raises awareness and describes end-to-end protection coverage in Microsoft Defender.
Microsoft was named a Leader in IDC’s inaugural Worldwide Extended Detection and Response (XDR) Software MarketScape for 2025, recognized for its deep integration, intelligent automation, and unified security operations solutions, as reported on the Microsoft Security Blog.
Microsoft highlights that cybersecurity is as much about people as technology in its Cybersecurity Awareness Month post, “Security starts with you.” The blog directs readers to Microsoft’s resources and practical guidance to help individuals stay safe online and adopt safer habits.
Microsoft Sentinel is expanding into an agentic security platform: the Sentinel data lake is generally available, and Sentinel graph plus the Sentinel Model Context Protocol (MCP) server are available in public preview to enable richer data, graph-based analysis, and model-aware agentic workflows for defenders.
Microsoft announced the launch of the reimagined Microsoft Marketplace, a unified and trusted destination for cloud solutions, AI apps and agents designed to connect thousands of solutions with millions of customers and empower organizations to become ‘Frontier’.
Microsoft Threat Intelligence has identified a new variant of the XCSSET malware that targets Xcode projects used by developers building Apple and macOS applications, detailed in a Microsoft Security Blog post.
Microsoft’s Cyberattack Series examines a retail incident where a single security alert exposed a persistent cyberthreat. Attackers exploited unpatched SharePoint vulnerabilities and compromised identities to infiltrate networks, causing widespread operational risk—echoed by industry statistics (60% operational disruptions, 43% breaches). Microsoft’s Detection and Response Team (DART) provided forensic analysis and actionable remediation guidance; the full report offers detailed findings and defensive recommendations.
Microsoft Threat Intelligence detected and blocked a credential-phishing campaign that likely used AI-generated code to obfuscate its payload and evade traditional defenses, highlighting a trend of attackers leveraging AI and the need for defenders to anticipate and adapt to AI-driven threats.
A Forrester Consulting Total Economic Impact study, commissioned by Microsoft, found that unifying data security, governance, and compliance on Microsoft Purview reduced the likelihood of data breaches by 30% and delivered measurable benefits for modernizing data protection.
A 2025 Forrester Consulting TEI study found Microsoft Defender delivered a 242% ROI over three years, produced $17.8 million in benefits, and paid for itself in under six months by helping organizations consolidate security tools and improve SecOps efficiency with AI and automation.
Microsoft Fabric and Purview teams announced their participation in the European Microsoft Fabric Community Conference and highlighted Microsoft Purview innovations focused on unifying data security and governance for the AI era in a Microsoft Security Blog post.
Microsoft Azure will begin Phase 2 mandatory multi-factor authentication enforcement at the Azure Resource Manager layer starting October 1, 2025, as announced on the Microsoft Security Blog.
Microsoft reports that financially motivated threat actor Storm-0501 has shifted from deploying on-premises endpoint ransomware toward cloud-based ransomware tactics, increasingly focusing on cloud-specific TTPs after previously targeting hybrid cloud environments.
Microsoft was ranked number one in modern endpoint security market share for the third consecutive year, according to a new IDC report, as announced on the Microsoft Security Blog.