Threat actors seek to abuse Microsoft Teams features and capabilities across the attack chain, underscoring the importance for defenders to proactively monitor, detect, and respond effectively. In this blog, we recommend countermeasures and optimal controls across identity, endpoints, data apps, and network layers to help strengthen protection for enterprise Teams users.
The post Disrupting threats targeting Microsoft Teams appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure Future Initiative (SFI) patterns and practices are practical, actionable, insights from practitioners for practitioners based on Microsoft’s implementation of Zero Trust through the Microsoft Secure Future Initiatives. By adopting these patterns, organizations can accelerate their security maturity, reduce implementation friction, and build systems that are more secure by design, default, and in operation.  ​
The post New Microsoft Secure Future Initiative (SFI) patterns and practices: Practical guides to strengthen security appeared first on Microsoft Security Blog. READ MORE HERE…

Incident response is never orderly. Threat actors don’t wait. Environments are compromised. Data is missing. Confidence is shaken. But for Microsoft’s Incident Response (IR) team, that chaos is exactly where the work begins.
The post Inside Microsoft Threat Intelligence: Calm in the chaos appeared first on Microsoft Security Blog. READ MORE HERE…

Storm-1175, a financially motivated actor known for deploying Medusa ransomware and exploiting public-facing applications for initial access, was observed exploiting the deserialization vulnerability in GoAnywhere MFT’s License Servlet, tracked as CVE-2025-10035. We are publishing this blog post to increase awareness of this threat and to share end-to-end protection coverage details across Microsoft Defender.
The post Investigating active exploitation of CVE-2025-10035 GoAnywhere Managed File Transfer vulnerability appeared first on Microsoft Security Blog. READ MORE HERE…