Wednesday, November 19, 2025
Latest:

Microsoft Secure

Microsoft Secure
TH Author

The importance of hardening customer support tools against cyberattacks

As customer support tools become more connected and data-rich, they’re increasingly targeted by cyberattacks. Hardening these systems is no longer optional—it’s essential to protect customer trust, sensitive data, and business continuity.
The post The importance of hardening customer support tools against cyberattacks appeared first on Microsoft Security Blog. READ MORE HERE…

Read More
Microsoft Secure
TH Author

Building a lasting security culture at Microsoft

At Microsoft, building a lasting security culture is more than a strategic priority—it is a call to action. Security begins and ends with people, which is why every employee plays a critical role in protecting both Microsoft and our customers. When secure practices are woven into how we think, work, and collaborate, individual actions come together to form a unified, proactive, and resilient defense. ​
The post Building a lasting security culture at Microsoft appeared first on Microsoft Security Blog. READ MORE HERE…

Read More
Microsoft Secure
TH Author

Investigating targeted “payroll pirate” attacks affecting US universities

Microsoft Threat Intelligence has identified a financially motivated threat actor that we track as Storm-2657 compromising employee accounts to gain unauthorized access to employee profiles and divert salary payments to attacker-controlled accounts, attacks that have been dubbed “payroll pirate”.
The post Investigating targeted “payroll pirate” attacks affecting US universities appeared first on Microsoft Security Blog. READ MORE HERE…

Read More
Microsoft Secure
TH Author

Disrupting threats targeting Microsoft Teams

Threat actors seek to abuse Microsoft Teams features and capabilities across the attack chain, underscoring the importance for defenders to proactively monitor, detect, and respond effectively. In this blog, we recommend countermeasures and optimal controls across identity, endpoints, data apps, and network layers to help strengthen protection for enterprise Teams users.
The post Disrupting threats targeting Microsoft Teams appeared first on Microsoft Security Blog. READ MORE HERE…

Read More
Microsoft Secure
TH Author

New Microsoft Secure Future Initiative (SFI) patterns and practices: Practical guides to strengthen security

Microsoft Secure Future Initiative (SFI) patterns and practices are practical, actionable, insights from practitioners for practitioners based on Microsoft’s implementation of Zero Trust through the Microsoft Secure Future Initiatives. By adopting these patterns, organizations can accelerate their security maturity, reduce implementation friction, and build systems that are more secure by design, default, and in operation.  ​
The post New Microsoft Secure Future Initiative (SFI) patterns and practices: Practical guides to strengthen security appeared first on Microsoft Security Blog. READ MORE HERE…

Read More
Microsoft Secure
TH Author

Investigating active exploitation of CVE-2025-10035 GoAnywhere Managed File Transfer vulnerability

Storm-1175, a financially motivated actor known for deploying Medusa ransomware and exploiting public-facing applications for initial access, was observed exploiting the deserialization vulnerability in GoAnywhere MFT’s License Servlet, tracked as CVE-2025-10035. We are publishing this blog post to increase awareness of this threat and to share end-to-end protection coverage details across Microsoft Defender.
The post Investigating active exploitation of CVE-2025-10035 GoAnywhere Managed File Transfer vulnerability appeared first on Microsoft Security Blog. READ MORE HERE…

Read More