Read how cyberattackers exploit domain controllers to gain privileged system access where they deploy ransomware that causes widespread damage and operational disruption.
The post How cyberattackers exploit domain controllers using ransomware appeared first on Microsoft Security Blog. READ MORE HERE…
Microsoft Threat Intelligence Center (MSTIC) and Microsoft Security Response Center (MSRC) have discovered post-compromise exploitation of a newly discovered zero-day vulnerability in the Windows Common Log File System (CLFS) against a small number of targets. Microsoft released security updates to address the vulnerability, tracked as CVE 2025-29824, on April 8, 2025.
The post Exploitation of CLFS zero-day leads to ransomware activity appeared first on Microsoft Security Blog. READ MORE HERE…
Meet the minds behind how Microsoft prioritizes cybersecurity across every team and employee. Three deputy CISOs share their experiences in cybersecurity and how they are redefining protection.
The post Meet the Deputy CISOs who help shape Microsoft’s approach to cybersecurity appeared first on Microsoft Security Blog. READ MORE HERE…
During the Tech Accelerator event on April 22, 2025, you will learn how to leverage Microsoft security guidance, products, and tooling throughout your cloud journey.
The post Tech Accelerator: Azure security and AI adoption appeared first on Microsoft Security Blog. READ MORE HERE…
As Tax Day approaches in the United States on April 15, Microsoft has detected several tax-themed phishing campaigns employing various tactics. These campaigns use malicious hyperlinks and attachments to deliver credential phishing and malware including RaccoonO365, AHKBot, Latrodectus, BruteRatel C4 (BRc4), and Remcos.
The post Threat actors leverage tax season to deploy tax-themed phishing campaigns appeared first on Microsoft Security Blog. READ MORE HERE…
Read how Microsoft’s unified security operations platform can use generative AI to transform cybersecurity for the public sector.
The post Transforming public sector security operations in the AI era appeared first on Microsoft Security Blog. READ MORE HERE…
Using Microsoft Security Copilot to expedite the discovery process, Microsoft has uncovered several vulnerabilities in multiple open-source bootloaders impacting all operating systems relying on Unified Extensible Firmware Interface (UEFI) Secure Boot. Through a series of prompts, we identified and refined security issues, ultimately uncovering an exploitable integer overflow vulnerability in the GRUB2, U-boot, and Barebox bootloaders.
The post Analyzing open-source bootloaders: Finding vulnerabilities faster with AI appeared first on Microsoft Security Blog. READ MORE HERE…
Microsoft Purview delivers a comprehensive set of solutions that help customers seamlessly secure and confidently activate data in the era of AI.
The post New innovations in Microsoft Purview for protected, AI-ready data appeared first on Microsoft Security Blog. READ MORE HERE…
Discover how the US Department of Labor enhanced security and modernized authentication with Microsoft Entra ID and phishing-resistant authentication.
The post US Department of Labor’s journey to Zero Trust security with Microsoft Entra ID appeared first on Microsoft Security Blog. READ MORE HERE…
Learn about the upcoming availability of Microsoft Security Copilot agents and other new offerings for a more secure AI future.
The post Microsoft unveils Microsoft Security Copilot agents and new protections for AI appeared first on Microsoft Security Blog. READ MORE HERE…