Microsoft warns that threat actors are increasingly abusing Microsoft Teams features across the attack chain and recommends proactive monitoring, detection, and response. The blog outlines countermeasures and optimal controls across identity, endpoints, data/apps, and network layers to better protect enterprise Teams users.
Microsoft’s Secure Future Initiative (SFI) patterns and practices provide practical, practitioner-focused guidance based on Microsoft’s Zero Trust implementation. The resources aim to help organizations accelerate security maturity, reduce implementation friction, and build systems that are secure by design, default, and in operation.
Microsoft’s Incident Response team works effectively amid the disorder caused by fast-moving threat actors, treating compromised environments, missing data, and shaken confidence as the starting point for investigations, as described in the Microsoft Security Blog post “Inside Microsoft Threat Intelligence: Calm in the chaos.”
Microsoft observed active exploitation of CVE-2025-10035, a deserialization vulnerability in the GoAnywhere Managed File Transfer (MFT) License Servlet, by the financially motivated actor Storm-1175 (associated with Medusa ransomware). The blog post raises awareness and describes end-to-end protection coverage in Microsoft Defender.
Microsoft was named a Leader in IDC’s inaugural Worldwide Extended Detection and Response (XDR) Software MarketScape for 2025, recognized for its deep integration, intelligent automation, and unified security operations solutions, according to the Microsoft Security Blog.
Microsoft highlights that cybersecurity is as much about people as technology in its Cybersecurity Awareness Month post, “Security starts with you.” The blog directs readers to Microsoft’s resources and practical guidance to help individuals stay safe online and adopt safer habits.
Microsoft Sentinel is expanding into an agentic security platform: the Sentinel data lake is generally available, and Sentinel graph plus the Sentinel Model Context Protocol (MCP) server are available in public preview to enable richer data, graph-based analysis, and model-aware agentic workflows for defenders.
Microsoft announced the launch of the reimagined Microsoft Marketplace, a unified and trusted destination for cloud solutions, AI apps and agents designed to connect thousands of solutions with millions of customers and empower organizations to become ‘Frontier’.
Microsoft Threat Intelligence has identified a new variant of the XCSSET malware that targets Xcode projects used by developers building Apple and macOS applications, detailed in a Microsoft Security Blog post.
Microsoft’s Cyberattack Series examines a retail incident where a single security alert exposed a persistent cyberthreat. Attackers exploited unpatched SharePoint vulnerabilities and compromised identities to infiltrate networks, causing widespread operational risk—echoed by industry statistics (60% operational disruptions, 43% breaches). Microsoft’s Detection and Response Team (DART) provided forensic analysis and actionable remediation guidance; the full report offers detailed findings and defensive recommendations.
Microsoft Threat Intelligence detected and blocked a credential-phishing campaign that likely used AI-generated code to obfuscate its payload and evade traditional defenses, highlighting a trend of attackers leveraging AI and the need for defenders to anticipate and adapt to AI-driven threats.
A Forrester Consulting Total Economic Impact study, commissioned by Microsoft, found that unifying data security, governance, and compliance on Microsoft Purview reduced the likelihood of data breaches by 30% and delivered measurable benefits for modernizing data protection.
A 2025 Forrester Consulting TEI study found Microsoft Defender delivered a 242% ROI over three years, produced $17.8 million in benefits, and paid for itself in under six months by helping organizations consolidate security tools and improve SecOps efficiency with AI and automation.
Microsoft Fabric and Purview teams announced their participation in the European Microsoft Fabric Community Conference and highlighted Microsoft Purview innovations focused on unifying data security and governance for the AI era in a Microsoft Security Blog post.
Microsoft Azure will begin Phase 2 mandatory multi-factor authentication enforcement at the Azure Resource Manager layer starting October 1, 2025, as announced on the Microsoft Security Blog.
Microsoft reports that financially motivated threat actor Storm-0501 has shifted from deploying on-premises endpoint ransomware toward cloud-based ransomware tactics, increasingly focusing on cloud-specific TTPs after previously targeting hybrid cloud environments.
Microsoft was ranked number one in the modern endpoint security market share for the third consecutive year, according to a new IDC report, as announced on the Microsoft Security Blog.