Windows users have recently begun mass-reporting that Microsoft's Defender antivirus program, which is integrated into Windows 10 and 11 by default, is
Wiz Research found a data exposure incident on Microsoft’s AI GitHub repository, including over 30,000 internal Microsoft Teams messages – all caused by one misconfigured SAS token
Bethesda's roadmap for the fiscal years starting in 2020 and ending in 2024 has made its way online as part of the documents leaked from the FTC v. Microsoft case.
A software repository on GitHub dedicated to supplying open-source code and AI models for image recognition was left open to manipulation by bad actors thanks to an insecure URL.
Microsoft will pay legal damages on behalf of customers using its artificial intelligence (AI) products if they are sued for copyright infringement for the output generated by such systems, the company said on Thursday.
US tech giant will assume customers’ liability for material created by AI assistants in Word and coding tools
Our investigation of the security incident disclosed by Microsoft and CISA and attributed to Chinese threat actor Storm-0558, found that this incident seems to have a broader scope than originally assumed. Organizations using Microsoft and Azure services should take steps to assess potential impact.
Results of Major Technical Investigations for Storm-0558 Key Acquisition
Rep. Don Bacon tweeted Monday that he had been notified by the FBI that his emails had been hacked.
Microsoft's OneDrive file-sharing program can be used as ransomware to encrypt most of the files on a target machine without possibility of recovery, partly because the program is inherently trusted by Windows and endpoint detection and response programs (EDRs).
A US cybersecurity advisory panel will investigate risks in cloud computing, including Microsoft Corp.’s role in a recent breach of government officials’ email accounts by suspected Chinese hackers, according to two people familiar with the matter.
The Cyber Safety Review Board, which was created by the Biden administration to investigate major cybersecurity events, will focus on risks to cloud computing infrastructure broadly, including identity and authentication management, and will examine all relevant cloud service providers, according to a Department of Homeland Security official. The issue was brought into focus by the breach of Microsoft’s email systems, the official said. Both people asked not to be named so they could discuss sensitive information.
Microsoft Threat Intelligence has identified highly targeted social engineering attacks using credential theft phishing lures sent as Microsoft Teams chats by the threat actor that Microsoft tracks as Midnight Blizzard (previously tracked as NOBELIUM).
Cybersecurity veteran Amit Yoran says Microsoft has a culture of toxic obfuscation when it comes to addressing security threats.
Last week, Senator Ron Wyden sent a letter to the Cybersecurity and Infrastructure Security Agency (CISA), the Department of Justice and the Federal Trade Commission (FTC) asking that they hold Microsoft accountable for a repeated pattern of negligent cybersecurity practices, which has enabled Chine
Russian state-sponsored hackers posed as technical support staff on Microsoft Teams to compromise dozens of global organizations, including government agencies.
Cloud cryptojacking, a type of cyberattack that uses computing power to mine cryptocurrency, could result in financial loss to targeted organizations due to the compute fees that can be incurred from the abuse.
Microsoft has announced changes to a system that was exploited by Chinese hackers over the last month that allowed them to access email accounts and spy on the inner workings of two dozen organizations, including government agencies, a lawmaker’s staff and even Commerce Secretary Gina Raimondo.
China-based hackers have breached email accounts at two-dozen organizations, including some United States government agencies, in an apparent spying campaign aimed at acquiring sensitive information, according to statements from Microsoft and the White House late Tuesday.
Microsoft Corp. today released software updates to quash 130 security bugs in its Windows operating systems and related software, including at least five flaws that are already seeing active exploitation. Meanwhile, Apple customers have their own zero-day woes again this…
The Microsoft Windows Hardware Compatibility Program (WHCP) certifies that drivers, and other products, run reliably on Windows and on Windows certified hardware. First reported by Sophos, and later Trend Micro and Cisco, Microsoft has investigated and confirmed a list of third-party WHCP-certified drivers used in cyber threat campaigns. Because of the drivers’ intent and functionality, Microsoft has added them to the Windows Driver.STL revocation list.
