18 result(s)
Microsoft’s blog post summarizes a new e-book that outlines the main challenges organizations face with generative AI, details the top generative AI security threats, and recommends steps companies can take to strengthen their security posture against unpredictable AI risks.
Microsoft announced expanded Identity Threat Detection and Response (ITDR) capabilities, including the new Microsoft Defender for Identity sensor now generally available, delivering improved protection, deeper correlation across signals, and richer contextual information to help organizations modernize their identity defenses.
Microsoft’s Digital Defense Report 2025 highlights a changing cyberthreat landscape with a rise in financially motivated attacks and ongoing nation-state risks. The article argues that CISOs must focus on organizational response, adaptation, and resilience-building to meet accelerating threats.
Microsoft announced the new Microsoft Security Store, a centralized gateway that helps customers discover, purchase, and deploy vetted security solutions and AI agents from leading partners, aiming to simplify procurement and accelerate partner-driven innovation.
Microsoft’s Security Blog highlights that Azure Blob Storage is an attractive, high-value target because it stores massive volumes of unstructured data across many workloads. Threat actors are increasingly using sophisticated attack chains that exploit misconfigurations, exposed credentials, and evolving cloud-specific tactics to compromise Blob Storage.
Microsoft has been recognized again as a Leader in the 2025 Gartner Magic Quadrant for Security Information and Event Management (SIEM), according to a post on the Microsoft Security Blog.
Microsoft reports that extortion and ransomware account for over half of cyberattacks; in 80% of incidents their security teams investigated last year attackers attempted to steal data, driven more by financial gain than intelligence gathering.
Microsoft Security Blog warns that customer support tools, now more connected and data-rich, are increasingly targeted by cyberattacks. Hardening these systems is essential to safeguard customer trust, protect sensitive data, and maintain business continuity.
Microsoft introduced ExCyTIn-Bench, an open-source benchmarking tool that evaluates how effectively AI systems perform real-world cybersecurity investigations, aiming to standardize measurement and improve AI-driven defensive capabilities.
Microsoft frames building a lasting security culture as a strategic priority and a call to action: security is people-centered, every employee has a role, and embedding secure practices into how people think, work, and collaborate creates a unified, proactive, and resilient defense for Microsoft and its customers.
Microsoft highlights security as a central theme at Ignite 2025, offering dedicated sessions and hands-on experiences focused on securing agentic AI for security professionals and leaders. The blog points readers to the session catalog for details and scheduling.
Microsoft Threat Intelligence reports a financially motivated actor tracked as Storm-2657 conducting “payroll pirate” attacks against US universities by compromising employee accounts, accessing employee profiles, and diverting salary payments to attacker-controlled accounts.
Microsoft highlights that threat actors are abusing Microsoft Teams features across the attack chain and urges defenders to proactively monitor, detect, and respond. The blog recommends layered countermeasures and optimal controls across identity, endpoints, data and app protection, and network controls to better protect enterprise Teams users.
Microsoft’s Secure Future Initiative (SFI) patterns and practices provide practical, practitioner‑led guidance based on Microsoft’s Zero Trust implementation. The guides are designed to help organizations accelerate security maturity, reduce implementation friction, and build systems that are secure by design, by default, and in operation.
Microsoft’s Incident Response team works effectively amid the disorder caused by fast-moving threat actors, treating compromised environments, missing data, and shaken confidence as the starting point for investigations, as described in the Microsoft Security Blog post “Inside Microsoft Threat Intelligence: Calm in the chaos.”
Microsoft observed active exploitation of CVE-2025-10035, a deserialization vulnerability in the GoAnywhere Managed File Transfer (MFT) License Servlet, by the financially motivated actor Storm-1175 (associated with Medusa ransomware). The blog post raises awareness and describes end-to-end protection coverage in Microsoft Defender.
Microsoft was named a Leader in IDC’s inaugural Worldwide Extended Detection and Response (XDR) Software MarketScape for 2025, recognized for its deep integration, intelligent automation, and unified security operations solutions, as reported on the Microsoft Security Blog.
Microsoft highlights that cybersecurity is as much about people as technology in its Cybersecurity Awareness Month post, “Security starts with you.” The blog directs readers to Microsoft’s resources and practical guidance to help individuals stay safe online and adopt safer habits.