Microsoft published an e-book arguing that replacing isolated point solutions with a unified, AI-ready security platform delivers greater speed, operational resilience, and measurable security gains. The blog post announces the e-book and invites readers to explore the guidance.
Microsoft defines Access Fabric as a unified access security solution that continuously and in real time decides who can access what resources, from where, and under what conditions.
The Microsoft Security Blog post describes CVE-2025-55182 (React2Shell), a critical pre-authentication remote code execution vulnerability that affects React Server Components and related frameworks. The advisory notes that CVE-2025-66478 was merged into CVE-2025-55182.
Microsoft was named an overall leader in the KuppingerCole Leadership Compass for Generative AI Defense, announced on the Microsoft Security Blog.
The Microsoft Security Blog post warns that ‘fake employees’—synthetic or forged identities created to look like legitimate workers—are an emerging threat that can infiltrate organizations and obtain real access. It outlines common ways these imposters gain entry through onboarding gaps, stolen or fabricated credentials, and social engineering, and recommends operational and technical controls to reduce risk.
Microsoft emphasizes that insights from Cybersecurity Awareness Month and Microsoft Ignite 2025 show security remains a top business priority. The article calls for moving from awareness to concrete action by building a security-first culture suited to the risks and opportunities of agentic (autonomous) AI, combining leadership commitment, policy and governance, workforce training, and technical controls.
Microsoft’s new benchmarking report examines how layered email defenses perform in real-world conditions, providing transparent metrics and practical insights to help organizations strengthen email protection and reduce risk.
Shai‑Hulud 2.0 is a large-scale supply chain attack in which adversaries maliciously modified hundreds of public packages to compromise developer environments, CI/CD pipelines, and cloud workloads in order to harvest credentials and configuration secrets. Microsoft published guidance to detect, investigate, and defend against these compromises across development toolchains, build systems, and cloud assets.
The article explains how cyber defense is shifting by applying graph-powered approaches and AI to accelerate threat detection and strengthen basic security hygiene across organizations.
Microsoft announced a new collaboration with Beazley naming them an incident response partner to strengthen cyber resilience by aligning with ecosystem partners and improving security for customers.
Microsoft was named a Leader in the 2025 Gartner® Magic Quadrant™ for Email Security, highlighting the innovative capabilities of Microsoft Defender for Office 365.
Microsoft Security Blog post by Damon Becknel, Vice President and Deputy CISO for Regulated Industries, outlining four cybersecurity priorities to act on immediately.
The article argues organizations must future-proof cybersecurity talent by building agile, innovative teams that prioritize continuous learning and adaptability to evolving threats.
Microsoft describes its experience building autonomous AI agents for managed detection and response (MDR) and argues that GenAI-powered security operations centers (SOCs) will reshape how humans and AI collaborate to improve detection, investigation, and response.
Microsoft was named a Leader in the 2025 Gartner® Magic Quadrant™ for Access Management, marking the ninth consecutive year the company has received this recognition.
Microsoft outlines a vision for ‘ambient and autonomous’ security to protect AI-driven systems in the emerging agentic era, proposing security become a foundational, proactive capability rather than an add-on.
Microsoft announced at Ignite 2025 that Security Copilot is being integrated into Microsoft 365 E5, introducing agents built into security workflows to help teams move from reactive incident response to more proactive, strategic protection.
Microsoft and NVIDIA published a joint research post on the Microsoft Security Blog about collaborative work investigating real-time immunity.
Microsoft published a November 2025 progress report for its Secure Future Initiative, reporting steady progress across all areas and engineering pillars. The initiative’s mission is to accelerate innovation, strengthen resilience, and lead the industry toward a safer digital future, with the report underscoring Microsoft’s continued commitment to security.
Microsoft disclosed a new side-channel attack called “Whisper Leak” that enables attackers to infer conversation topics from interactions with remote language models even when communications are encrypted. The finding was published on the Microsoft Security Blog.
IDC research urges CISOs to adopt AI-powered, integrated cloud security platforms—such as CNAPP, XDR, and SIEM—to lower risk, reduce complexity, and improve resilience, according to a Microsoft Security Blog post.
The article explains how new European Union risk-based legislation helps CISOs strengthen cybersecurity for critical infrastructure by encouraging organizations to assess and prioritize risks, align controls with regulatory expectations, and build more resilient systems.
Microsoft Security Blog published an e-book that shows how generative AI can improve Security Operations Centers (SOCs) by reducing alert fatigue, speeding triage, enabling proactive threat hunting, and helping teams get ahead of cyberattacks.
Microsoft DART researchers identified a novel backdoor, dubbed SesameOp, that abuses the OpenAI Assistants API as a covert command-and-control (C2) channel. A component of the backdoor uses the Assistants API as a storage/relay to fetch commands and execute tasks inside compromised environments, avoiding traditional C2 methods.
Microsoft’s blog post summarizes a new e-book that outlines the main challenges organizations face with generative AI, details the top generative AI security threats, and recommends steps companies can take to strengthen their security posture against unpredictable AI risks.
Microsoft announced expanded Identity Threat Detection and Response (ITDR) capabilities, including the new Microsoft Defender for Identity sensor now generally available, delivering improved protection, deeper correlation across signals, and richer contextual information to help organizations modernize their identity defenses.
Microsoft’s Digital Defense Report 2025 highlights a changing cyberthreat landscape with a rise in financially motivated attacks and ongoing nation-state risks. The article argues that CISOs must focus on organizational response, adaptation, and resilience-building to meet accelerating threats.
Microsoft announced the new Microsoft Security Store, a centralized gateway that helps customers discover, purchase, and deploy vetted security solutions and AI agents from leading partners, aiming to simplify procurement and accelerate partner-driven innovation.
Microsoft’s Security Blog highlights that Azure Blob Storage is an attractive, high-value target because it stores massive volumes of unstructured data across many workloads. Threat actors are increasingly using sophisticated attack chains that exploit misconfigurations, exposed credentials, and evolving cloud-specific tactics to compromise Blob Storage.
Microsoft has been recognized again as a Leader in the 2025 Gartner Magic Quadrant for Security Information and Event Management (SIEM), according to a post on the Microsoft Security Blog.
Microsoft reports that extortion and ransomware account for over half of cyberattacks; in 80% of the incidents its security teams investigated last year, attackers attempted to steal data, driven more by financial gain than intelligence gathering.
Microsoft Security Blog warns that customer support tools, now more connected and data-rich, are increasingly targeted by cyberattacks. Hardening these systems is essential to safeguard customer trust, protect sensitive data, and maintain business continuity.
Microsoft introduced ExCyTIn-Bench, an open-source benchmarking tool that evaluates how effectively AI systems perform real-world cybersecurity investigations, aiming to standardize measurement and improve AI-driven defensive capabilities.
Microsoft frames building a lasting security culture as a strategic priority and a call to action: security is people-centered, every employee has a role, and embedding secure practices into how people think, work, and collaborate creates a unified, proactive, and resilient defense for Microsoft and its customers.
Microsoft highlights security as a central theme at Ignite 2025, offering dedicated sessions and hands-on experiences focused on securing agentic AI for security professionals and leaders. The blog points readers to the session catalog for details and scheduling.
Microsoft Threat Intelligence reports a financially motivated actor tracked as Storm-2657 conducting “payroll pirate” attacks against US universities by compromising employee accounts, accessing employee profiles, and diverting salary payments to attacker-controlled accounts.
Microsoft highlights that threat actors are abusing Microsoft Teams features across the attack chain and urges defenders to proactively monitor, detect, and respond. The blog recommends layered countermeasures and optimal controls across identity, endpoints, data and app protection, and network controls to better protect enterprise Teams users.
Microsoft’s Secure Future Initiative (SFI) patterns and practices provide practical, practitioner‑led guidance based on Microsoft’s Zero Trust implementation. The guides are designed to help organizations accelerate security maturity, reduce implementation friction, and build systems that are secure by design, by default, and in operation.
Microsoft’s Incident Response team works effectively amid the disorder caused by fast-moving threat actors, treating compromised environments, missing data, and shaken confidence as the starting point for investigations, as described in the Microsoft Security Blog post “Inside Microsoft Threat Intelligence: Calm in the chaos.”
Microsoft observed active exploitation of CVE-2025-10035, a deserialization vulnerability in the GoAnywhere Managed File Transfer (MFT) License Servlet, by the financially motivated actor Storm-1175 (associated with Medusa ransomware). The blog post raises awareness and describes end-to-end protection coverage in Microsoft Defender.
Microsoft was named a Leader in IDC’s inaugural Worldwide Extended Detection and Response (XDR) Software MarketScape for 2025, recognized for its deep integration, intelligent automation, and unified security operations solutions, as reported on the Microsoft Security Blog.
Microsoft highlights that cybersecurity is as much about people as technology in its Cybersecurity Awareness Month post, “Security starts with you.” The blog directs readers to Microsoft’s resources and practical guidance to help individuals stay safe online and adopt safer habits.
Microsoft Sentinel is expanding into an agentic security platform: the Sentinel data lake is generally available, and Sentinel graph plus the Sentinel Model Context Protocol (MCP) server are available in public preview to enable richer data, graph-based analysis, and model-aware agentic workflows for defenders.
Microsoft announced the launch of the reimagined Microsoft Marketplace, a unified and trusted destination for cloud solutions, AI apps and agents designed to connect thousands of solutions with millions of customers and empower organizations to become ‘Frontier’.
Microsoft Threat Intelligence has identified a new variant of the XCSSET malware that targets Xcode projects used by developers building Apple and macOS applications, detailed in a Microsoft Security Blog post.
Microsoft’s Cyberattack Series examines a retail incident where a single security alert exposed a persistent cyberthreat. Attackers exploited unpatched SharePoint vulnerabilities and compromised identities to infiltrate networks, causing widespread operational risk—echoed by industry statistics (60% operational disruptions, 43% breaches). Microsoft’s Detection and Response Team (DART) provided forensic analysis and actionable remediation guidance; the full report offers detailed findings and defensive recommendations.
Microsoft Threat Intelligence detected and blocked a credential-phishing campaign that likely used AI-generated code to obfuscate its payload and evade traditional defenses, highlighting a trend of attackers leveraging AI and the need for defenders to anticipate and adapt to AI-driven threats.
A Forrester Consulting Total Economic Impact study, commissioned by Microsoft, found that unifying data security, governance, and compliance on Microsoft Purview reduced the likelihood of data breaches by 30% and delivered measurable benefits for modernizing data protection.
A 2025 Forrester Consulting TEI study found Microsoft Defender delivered a 242% ROI over three years, produced $17.8 million in benefits, and paid for itself in under six months by helping organizations consolidate security tools and improve SecOps efficiency with AI and automation.
Microsoft Fabric and Purview teams announced their participation in the European Microsoft Fabric Community Conference and highlighted Microsoft Purview innovations focused on unifying data security and governance for the AI era in a Microsoft Security Blog post.
Microsoft Azure will begin Phase 2 mandatory multi-factor authentication enforcement at the Azure Resource Manager layer starting October 1, 2025, as announced on the Microsoft Security Blog.
Microsoft reports that financially motivated threat actor Storm-0501 has shifted from deploying on-premises endpoint ransomware toward cloud-based ransomware tactics, increasingly focusing on cloud-specific TTPs after previously targeting hybrid cloud environments.
Microsoft was ranked number one in modern endpoint security market share for the third consecutive year, according to a new IDC report, as announced on the Microsoft Security Blog.