thumbnail Unveiling RIFT: Enhancing Rust malware analysis through pattern matching
thumbnail Microsoft 365 'Direct Send' abused to send phishing as internal users
thumbnail Microsoft Outlook to block more risky attachments used in attacks
thumbnail Announcing a new strategic collaboration to bring clarity to threat actor naming | Microsoft Security Blog
thumbnail New Russia-affiliated actor Void Blizzard targets critical sectors for espionage
thumbnail Microsoft’s AI security chief accidentally reveals Walmart’s AI plans after protest
thumbnail Trump's sanctions on ICC prosecutor have halted tribunal's work
thumbnail Microsoft Dynamics 365 Customer Voice Phishing Scam
thumbnail Windows RDP lets you log in using revoked passwords. Microsoft is OK with that.
thumbnail Despite Recent Security Hardening, Entra ID Synchronization Feature Remains Open for Abuse
thumbnail Widespread Microsoft Entra lockouts tied to new security feature rollout
thumbnail Threat actors misuse Node.js to deliver malware and other malicious payloads | Microsoft Security Blog
thumbnail Exploitation of CLFS zero-day leads to ransomware activity
thumbnail EncryptHub's dual life: Cybercriminal vs Windows bug-bounty researcher
thumbnail Analyzing open-source bootloaders: Finding vulnerabilities faster with AI
thumbnail Phishing campaign impersonates Booking .com, delivers a suite of credential-stealing malware
thumbnail VSCode extensions found downloading early-stage ransomware
thumbnail Silk Typhoon targeting IT supply chain
thumbnail Storm-2372 conducts device code phishing campaign
thumbnail Code injection attacks using publicly disclosed ASP.NET machine keys
thumbnail Hackers spoof Microsoft ADFS login pages to steal credentials
thumbnail New Star Blizzard spear-phishing campaign targets WhatsApp accounts | Microsoft Security Blog
thumbnail Microsoft: macOS bug lets hackers install malicious kernel drivers
thumbnail Microsoft moves to disrupt hacking-as-a-service scheme that’s bypassing AI safety measures
thumbnail What We Know About CVE-2024-49112 and CVE-2024-49113
thumbnail Oasis Security Research Team Discovers Microsoft Azure MFA Bypass
thumbnail Microsoft Power Pages: Data Exposure Reviewed
thumbnail Microsoft shares latest intelligence on North Korean and Chinese threat actors at CYBERWARCON | Microsoft Security Blog
thumbnail Chinese threat actor Storm-0940 uses credentials from password spray attacks from a covert network
thumbnail Midnight Blizzard conducts large-scale spear-phishing campaign using RDP files
thumbnail ReliaQuest Uncovers New Black Basta Social Engineering Technique - ReliaQuest
thumbnail Microsoft creates fake Azure tenants to pull phishers into honeypots
thumbnail Microsoft deprecates PPTP and L2TP VPN protocols in Windows Server
thumbnail File hosting services misused for identity phishing
thumbnail DOJ, Microsoft seize more than 100 domains used by the FSB
thumbnail Storm-0501: Ransomware attacks expanding to hybrid cloud environments
thumbnail Microsoft ends development of Windows Server Update Services (WSUS)
thumbnail Microsoft working on OS update to prevent another IT outage
thumbnail North Korean threat actor Citrine Sleet exploiting Chromium zero-day
thumbnail How multiple vulnerabilities in Microsoft apps for macOS pave the way to stealing permissions
thumbnail Windows driver zero-day exploited by Lazarus hackers to install rootkit
thumbnail Chained for attack: OpenVPN vulnerabilities discovered leading to RCE and LPE | Microsoft Security Blog
thumbnail Iran Targeting 2024 US Election
thumbnail CrowdStrike says it isn't to blame for Delta's flight cancellations after July outage
thumbnail 'Error' in Microsoft's DDoS defenses amplified Azure outage
thumbnail Microsoft says massive Azure outage was caused by DDoS attack
thumbnail Ransomware operators exploit ESXi hypervisor vulnerability for mass encryption | Microsoft Security Blog
thumbnail Windows Security best practices for integrating and managing security tools
thumbnail Microsoft calls for Windows changes and resilience after CrowdStrike outage
thumbnail Uncoordinated Vulnerability Disclosure: The Continuing Issues with CVD
thumbnail New attack uses MSC files and Windows XSS flaw to breach networks
thumbnail Zero-Click Critical Microsoft Outlook Vulnerability. What You Need to Know.
thumbnail Security bug allows anyone to spoof Microsoft employee emails
thumbnail Microsoft Refused to Fix Flaw Years Before SolarWinds Hack
thumbnail You’ve Got Mail: Critical Microsoft Outlook Vulnerability Executes as Email is Opened
thumbnail Microsoft June 2024 Patch Tuesday fixes 51 flaws, 18 RCEs
thumbnail Malicious VSCode extensions with millions of installs discovered
thumbnail Microsoft hit with EU privacy complaints over schools' use of 365 Education suite
thumbnail Analysts join the call for Microsoft to recall Recall
thumbnail Cyber Signals: Inside the growing risk of gift card fraud
thumbnail How ransomware abuses BitLocker | Securelist
thumbnail Microsoft will require MFA for all Azure users
thumbnail Threat actors misusing Quick Assist in social engineering attacks leading to ransomware
thumbnail Employee Personal GitHub Repos Expose Internal Azure and Red Hat Secrets
thumbnail Watch out for tech support scams lurking in sponsored search results
thumbnail “Dirty stream” attack: Discovering and mitigating a common vulnerability pattern in Android apps
thumbnail Microsoft needs to win back trust
thumbnail Attackers exploiting new critical OpenMetadata vulnerabilities on Kubernetes clusters
thumbnail The US Government Has a Microsoft Problem
thumbnail CISA: Email from federal agencies possibly accessed in Russian breach of Microsoft
thumbnail Microsoft could have prevented Chinese cloud email hack, US cyber report says
thumbnail Microsoft Threat Intelligence unveils targets and innovative tactics amidst tax season
thumbnail Microsoft Copilot for Security: General Availability details
thumbnail Microsoft publie son outil interne de test de sécu d'IA générative
thumbnail Russian spies keep hacking into Microsoft in 'ongoing attack,' company says
thumbnail Microsoft AI engineer says Copilot Designer creates disturbing images
thumbnail Internet Society veut empêcher Microsoft d'héberger les données de santé des Français
thumbnail Community Alert: Ongoing Malicious Campaign Impacting Azure Cloud Environments
thumbnail DarkGate malware delivered via Microsoft Teams - detection and response
thumbnail Midnight Blizzard: Guidance for responders on nation-state attack
thumbnail Microsoft network breached through password-spraying by Russian-state hackers
thumbnail Microsoft's Top Execs' Emails Breached in Sophisticated Russia-Linked APT Attack
thumbnail Act Now: CISA Flags Active Exploitation of Microsoft SharePoint Vulnerability
thumbnail Microsoft disables MSIX protocol handler abused in malware attacks
thumbnail Threat actors misuse OAuth applications to automate financially driven attacks
thumbnail Star Blizzard increases sophistication and evasion in ongoing attacks
thumbnail Windows 10 gets three more years of security updates, if you can afford them | Ars Technica
thumbnail Diamond Sleet supply chain compromise distributes a modified CyberLink installer
thumbnail Microsoft Patch Tuesday November 2023
thumbnail Détournement de Microsoft et Cloudflare au cours d’une nouvelle attaque de QRishing
thumbnail Microsoft Temporarily Blocked Internal Access to ChatGPT, Citing Data Concerns
thumbnail Microsoft offers politicians protection against deepfakes
thumbnail New Microsoft Exchange zero-days allow RCE, data theft attacks
thumbnail Microsoft is overhauling its software security after major Azure cloud attacks
thumbnail Microsoft profiles new threat group with unusual but effective practices
thumbnail Octo Tempest crosses boundaries to facilitate extortion, encryption, and destruction
thumbnail The evolution of Windows authentication
thumbnail Microsoft Defender Flags Tor Browser as a Trojan and Removes it from the System
thumbnail 38TB of data accidentally exposed by Microsoft AI researchers | Wiz Blog
thumbnail Leaked Microsoft documents hint at new Doom and Dishonored games
thumbnail Microsoft AI Employee Accidentally Leaks 38TB of Data
thumbnail Microsoft to defend customers on AI copyright challenges
thumbnail Compromised Microsoft Key: More Impactful Than We Thought
thumbnail Chinese Microsoft hackers also hit GOP Rep. Don Bacon of Nebraska
thumbnail 'DoubleDrive' attack turns Microsoft OneDrive into ransomware
thumbnail Microsoft’s Role in Email Breach by Suspected Chinese Hackers Part of US Inquiry
thumbnail Midnight Blizzard conducts targeted social engineering over Microsoft Teams
thumbnail Tenable CEO accuses Microsoft of negligence in addressing security flaw
thumbnail Microsoft…The Truth Is Even Worse Than You Think
thumbnail Russia-backed hackers used Microsoft Teams to breach government agencies | TechCrunch
thumbnail Cryptojacking: Understanding and defending against cloud compute resource abuse
thumbnail Microsoft changes signing key system breached by Chinese hackers to steal US gov’t data
thumbnail Chinese hackers breached US government email accounts, Microsoft and White House say | CNN Politics
thumbnail Storm-0978 attacks reveal financial and espionage motives
thumbnail The five-day job: A BlackByte ransomware intrusion case study
thumbnail Microsoft Teams vulnerability allows attackers to deliver malware to employees
thumbnail Microsoft says early June disruptions to Outlook, cloud platform, were cyberattacks
thumbnail Microsoft Encrypted Restricted Permission Messages Deliver Phishing | Trustwave
thumbnail Cadet Blizzard emerges as a novel and distinct Russian threat actor | Microsoft Security Blog
thumbnail New macOS vulnerability, Migraine, could bypass System Integrity Protection | Microsoft Security Blog
thumbnail Volt Typhoon targets US critical infrastructure with living-off-the-land techniques
thumbnail Microsoft’s April 2023 Patch Tuesday Addresses 97 CVEs (CVE-2023-28252)
thumbnail DEV-0196: QuaDream’s “KingsPawn” malware used to target civil society in Europe, North America, the Middle East, and Southeast Asia
thumbnail MERCURY and DEV-1084: Destructive attack on hybrid environment - Microsoft Security Blog
thumbnail Stopping cybercriminals from abusing security tools
thumbnail Privacy, a chi tocca proteggere gli studenti?
thumbnail Guidance for investigating attacks using CVE-2023-23397
thumbnail Throttling and Blocking Email from Persistently Vulnerable Exchange Servers to Exchange Online - Microsoft Community Hub
thumbnail Everything We Know About CVE-2023-23397
thumbnail A Noteworthy Threat: How Cybercriminals are Abusing OneNote
thumbnail Iran responsible for Charlie Hebdo attacks
thumbnail No Macro? No Worries. VSTO Being Weaponized by Threat Actors
thumbnail Qakbot's Evolution Continues with New Strategies
thumbnail Threat groups are using Windows LNK files to gain access
thumbnail ZINC weaponizing open-source software - Microsoft Security Blog
thumbnail Microsoft-signed malicious Windows drivers used in ransomware attacks
thumbnail Preparing for a Russian cyber offensive against Ukraine this winter
thumbnail Nation-state cyberattacks become more brazen as authoritarian leaders ramp up aggression
thumbnail Exploited Windows zero-day lets JavaScript files bypass security warnings
thumbnail New “Prestige” ransomware impacts organizations in Ukraine and Poland
thumbnail ZINC weaponizing open-source software
thumbnail Slack’s and Teams’ Lax App Security Raises Alarms
thumbnail Malicious OAuth applications abuse cloud email services to spread spam
thumbnail Malvertising on Microsoft Edge's News Feed pushes tech support scams
thumbnail Undermining Microsoft Teams Security by Mining Tokens
thumbnail Microsoft investigates Iranian attacks against the Albanian government
thumbnail Looking for the ‘Sliver’ lining: Hunting for emerging command-and-control frameworks - Microsoft Security Blog
thumbnail MagicWeb: NOBELIUM’s post-compromise trick to authenticate as anyone
thumbnail Disrupting SEABORGIUM’s ongoing phishing operations
thumbnail Large-Scale AiTM Attack targeting enterprise users of Microsoft email services
thumbnail Untangling KNOTWEED: European private-sector offensive actor using 0-day exploits
thumbnail North Korean threat actor targets small and midsize businesses with H0lyGh0st ransomware
thumbnail From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud
thumbnail Ongoing phishing campaign can hack you even when you’re protected with MFA
thumbnail Uncovering a macOS App Sandbox escape vulnerability: A deep dive into CVE-2022-26706 - Microsoft Security Blog
thumbnail Cybersecurity experts question Microsoft's Ukraine report
thumbnail Microsoft finds Raspberry Robin worm in hundreds of Windows networks
thumbnail The SessionManager IIS backdoor: a possibly overlooked GELSEMIUM artefact
thumbnail NSA, Partners Recommend Properly Configuring, Monitoring PowerShell in New Report
thumbnail 7-zip now supports Windows ‘Mark-of-the-Web’ security feature
thumbnail Defending Ukraine: Early Lessons from the Cyber War
thumbnail FBI says fraud on LinkedIn a 'significant threat' to platform and consumers
thumbnail CVE-2022-26925 : Patchez vos machines Windows sans attendre
thumbnail Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself
thumbnail Apple, Google and Microsoft Commit to Expanded Support for FIDO Standard to Accelerate Availability of Passwordless Sign-Ins
thumbnail Microsoft finds new elevation of privilege Linux vulnerability, Nimbuspwn
thumbnail When coin miners evolve, Part 1: Exposing LemonDuck and LemonCat, modern mining malware infrastructure
thumbnail DEV-0537 criminal actor targeting organizations for data exfiltration and destruction
thumbnail Lapsus$ hackers leak 37GB of Microsoft's alleged source code
thumbnail New Malware Capable of Controlling Social Media Accounts Infects 5,000+ Machines and is actively being Distributed via Gaming Applications on Microsoft's Official Store
thumbnail Dropping Files on a Domain Controller Using CVE-2021-43893
thumbnail Who Needs to Exploit Vulnerabilities When You Have Macros?
thumbnail Helping users stay safe: Blocking internet macros by default in Office