Microsoft Secure

Microsoft Secure

Elevate your protection with expanded Microsoft Defender Experts coverage

Defender Experts now offers 24/7, expert-driven protection for cloud workloads, beginning with hybrid and multicloud servers in Microsoft Defender for Cloud. Additionally, third-party network signals can be used in Microsoft Defender Experts for XDR to enhance incidents for faster and more accurate detection and response.
The post Elevate your protection with expanded Microsoft Defender Experts coverage appeared first on Microsoft Security Blog. READ MORE HERE…

Read More
Microsoft Secure

Frozen in transit: Secret Blizzard’s AiTM campaign against diplomats

Microsoft Threat Intelligence has uncovered a cyberespionage campaign by the Russian state actor we track as Secret Blizzard that has been ongoing since at least 2024, targeting embassies in Moscow using an adversary-in-the-middle (AiTM) position to deploy their custom ApolloShadow malware.
The post Frozen in transit: Secret Blizzard’s AiTM campaign against diplomats appeared first on Microsoft Security Blog. READ MORE HERE…

Read More
Microsoft Secure

Sploitlight: Analyzing a Spotlight-based macOS TCC vulnerability

Microsoft Threat Intelligence has discovered a macOS vulnerability, tracked as CVE-2025-31199, that could allow attackers to steal private data of files normally protected by Transparency, Consent, and Control (TCC), including the ability to extract and leak sensitive information cached by Apple Intelligence.
The post Sploitlight: Analyzing a Spotlight-based macOS TCC vulnerability appeared first on Microsoft Security Blog. READ MORE HERE…

Read More
Microsoft Secure

Disrupting active exploitation of on-premises SharePoint vulnerabilities

Microsoft has observed two named Chinese nation-state actors, Linen Typhoon and Violet Typhoon, exploiting vulnerabilities targeting internet-facing SharePoint servers. In addition, we have observed another China-based threat actor, tracked as Storm-2603, exploiting these vulnerabilities. Microsoft has released new comprehensive security updates for all supported versions of SharePoint Server (Subscription Edition, 2019, and 2016) that protect customers against these new vulnerabilities. Customers should apply these updates immediately to ensure they are protected.
The post Disrupting active exploitation of on-premises SharePoint vulnerabilities appeared first on Microsoft Security Blog. READ MORE HERE…

Read More
Microsoft Secure

Microsoft Sentinel data lake: Unify signals, cut costs, and power agentic AI

We’re evolving our industry-leading Security Incidents and Event Management solution (SIEM), Microsoft Sentinel, to include a modern, cost-effective data lake. By unifying all your security data, Microsoft Sentinel data lake, in public preview, accelerates AI adoption and drives unparalleled visibility, empowering teams to detect and respond faster. With Sentinel data lake, you’re no longer forced to choose between retaining critical data and staying within budget. ​ 
The post Microsoft Sentinel data lake: Unify signals, cut costs, and power agentic AI appeared first on Microsoft Security Blog. READ MORE HERE…

Read More
Microsoft Secure

Transparency on Microsoft Defender for Office 365 email security effectiveness

Microsoft believes in transparently sharing performance data from Microsoft Defender for Office 365, and other ecosystem providers, to help customers evaluate email security solutions and make decisions to layer for defense in depth.
The post Transparency on Microsoft Defender for Office 365 email security effectiveness appeared first on Microsoft Security Blog. READ MORE HERE…

Read More