Security events offer a valuable opportunity to learn about the latest trends and solutions, evolve your skills for cyberthreats, and meet like-minded security professionals. See where you can meet Microsoft Security in 2025.
Microsoft Threat Intelligence Center discovered an active and successful device code phishing campaign by a threat actor we track as Storm-2372. Our ongoing investigation indicates that this campaign has been active since August 2024 with the actor creating lures that resemble messaging app experiences including WhatsApp, Signal, and Microsoft Teams. Storm-2372’s targets during this time have included government, non-governmental organizations (NGOs), information technology (IT) services and technology, defense, telecommunications, health, higher education, and energy/oil and gas in Europe, North America, Africa, and the Middle East. Microsoft assesses with medium confidence that Storm-2372 aligns with Russian interests, victimology, and tradecraft.
Microsoft Security provides cyberthreat protection, posture management, data security, compliance and governance, and AI safety, to secure AI applications that you build and use. These capabilities can also be used to secure and govern AI apps built with the DeepSeek R1 model and the use of the DeepSeek app.Â
Find out how a cyberattack by Storm-2077 was halted faster because the Microsoft Incident Response team is both proactive and reactive at the same time.
Microsoft Threat Intelligence observed limited activity by an unattributed threat actor using a publicly available, static ASP.NET machine key to inject malicious code and deliver the Godzilla post-exploitation framework. In the course of investigating, remediating, and building protections against this activity, we observed an insecure practice whereby developers have incorporated various publicly disclosed ASP.NET machine keys from publicly accessible resources, such as code documentation and repositories, which threat actors have used to launch ViewState code injection attacks and perform malicious actions on target servers.
Microsoft Security Experts are now available to strengthen your team with managed security services. Learn how to defend against threats with security experts.
Adopting proactive defensive measures is the only way to get ahead of determined efforts to compromise identities and gain access to your environment.
Read how Microsoft Purview can secure and govern generative AI quickly, with minimal user impact, deployment resources, and change management.
In mid-November 2024, Microsoft Threat Intelligence observed the Russian threat actor we track as Star Blizzard sending their typical targets spear-phishing messages, this time offering the supposed opportunity to join a WhatsApp group. This is the first time we have identified a shift in Star Blizzard’s longstanding tactics, techniques, and procedures (TTPs) to leverage a […]
As our Microsoft AI Tour reached Brussels, Paris, and Berlin recently, we met with European organizations that were energized by the possibilities of our latest AI technologies and engaged in deployment projects. They were also alert to the fact that 2025 is the year that key obligations under the European Union’s AI Act come into effect, opening a new chapter in digital regulation as the world’s first, comprehensive AI law becomes a reality.
Microsoft Sentinel is a cloud-native SIEM solution powered by AI and automation that delivers intelligent security analytics across your entire enterprise.
Microsoft discovered a macOS vulnerability allowing attackers to bypass System Integrity Protection (SIP) by loading third party kernel extensions, which could lead to serious consequences, such as allowing attackers to install rootkits, create persistent malware, bypass Transparency, Consent, and Control (TCC), and expand the attack surface to perform other unauthorized operations.
Microsoft Defender Experts for XDR is a mature and proven service that triages, investigates, and responds to incidents and hunts for threats on a customer’s behalf around the clock. Learn more about why organizations across major industries rely on it.
New Microsoft guidance is now available for United States government agencies and their industry partners to help implement Zero Trust strategies and meet CISA Zero Trust requirements.
Microsoft commissioned Foundry to conduct a study to understand the current state of threat protection. Read the new e-book for research-driven insights into a unified security platform.
