Microsoft Secure

Defending against evolving identity attack techniques

Threat actors continue to develop and leverage various techniques that aim to compromise cloud identities. Despite advancements in protections like multifactor authentication (MFA) and passwordless solutions, social engineering remains a key aspect of phishing attacks. Implementing phishing-resistant solutions, like passkeys, can improve security against these evolving threats.
The post Defending against evolving identity attack techniques appeared first on Microsoft Security Blog.

New Russia-affiliated actor Void Blizzard targets critical sectors for espionage

Microsoft Threat Intelligence has discovered a cluster of worldwide cloud abuse activity conducted by a threat actor we track as Void Blizzard, who we assess with high confidence is Russia-affiliated and has been active since at least April 2024. Void Blizzard’s cyberespionage operations tend to be highly targeted at specific organizations of interest to Russia, including in government, defense, transportation, media, non-governmental organizations (NGOs), and healthcare sectors primarily in Europe and North America.
The post New Russia-affiliated actor Void Blizzard targets critical sectors for espionage appeared first on Microsoft Security Blog.

Lumma Stealer: Breaking down the delivery techniques and capabilities of a prolific infostealer

Over the past year, Microsoft Threat Intelligence observed the persistent growth and operational sophistication of Lumma Stealer, an info-stealing malware used by multiple financially motivated threat actors to target various industries. Microsoft, partnering with others across industry and international law enforcement, facilitated the disruption of Lumma infrastructure.
The post Lumma Stealer: Breaking down the delivery techniques and capabilities of a prolific infostealer appeared first on Microsoft Security Blog.

Marbled Dust leverages zero-day in Output Messenger for regional espionage

Since April 2024, the threat actor that Microsoft Threat Intelligence tracks as Marbled Dust has been observed exploiting user accounts that have not applied fixes to a zero-day vulnerability (CVE-2025-27920) in the messaging app Output Messenger, a multiplatform chat software. These exploits have resulted in collection of related user data from targets in Iraq. Microsoft […]
The post Marbled Dust leverages zero-day in Output Messenger for regional espionage appeared first on Microsoft Security Blog.

Meet the Deputy CISOs who help shape Microsoft’s approach to cybersecurity: Part 2

Meet the minds behind how Microsoft prioritizes cybersecurity across every team and employee. Three deputy chief information security officers share their experiences in cybersecurity and how they are redefining protection.
The post Meet the Deputy CISOs who help shape Microsoft’s approach to cybersecurity: Part 2 appeared first on Microsoft Security Blog.
