New Microsoft security tools to protect families and businesses
Today, Microsoft announced several major innovations to empower people across work and life and redefine how we live and work with AI.
Forrester names Microsoft a Leader in the 2023 Zero Trust Platform Providers Wave™ report
Microsoft is proud to be recognized as a Leader in The Forrester Wave™: Zero Trust Platform Providers, Q3 2023 report.
Uncursing the ncurses: Memory corruption vulnerabilities found in library
A set of memory corruption vulnerabilities in the ncurses library could have allowed attackers to chain the vulnerabilities to elevate privileges and run code in the targeted program's context or perform other malicious actions.
Malware distributor Storm-0324 facilitates ransomware access
The threat actor that Microsoft tracks as Storm-0324 is a financially motivated group known to gain initial access using email-based initial infection vectors and then hand off access to compromised networks to other threat actors. These handoffs frequently lead to ransomware deployment. Beginning in July 2023, Storm-0324 was observed distributing payloads using an open-source tool […]
Cloud storage security: What’s new in the threat matrix
We’re announcing the release of a second version of our threat matrix for storage services, a structured tool that assists in identifying and analyzing potential security threats on data stored in cloud storage services.
Modernize your Security Operations Center with Microsoft Sentinel
Microsoft Sentinel is a cloud-native SIEM solution powered by AI and automation that delivers intelligent security analytics across your entire enterprise.
Navigating privacy in a data-driven world with Microsoft Priva
As the world becomes more data-driven and the privacy landscape continues to evolve, the need to take a proactive privacy approach increases. Here's how Microsoft Priva can help.
Flax Typhoon using legitimate software to quietly access Taiwanese organizations
China-based actor Flax Typhoon is exploiting known vulnerabilities for public-facing servers, legitimate VPN software, and open-source malware to gain access to Taiwanese organizations, but not taking further action.
How the Microsoft Incident Response team helps customers remediate threats
Microsoft Incident Response is a global team comprised of cybersecurity experts with deep, highly specialized knowledge in breach detection, response, and recovery.
Multiple high severity vulnerabilities in CODESYS V3 SDK could lead to RCE or DoS
Microsoft researchers identified multiple high-severity vulnerabilities in the CODESYS V3 SDK that could put operational technology (OT) infrastructure at risk of attacks, such as remote code execution (RCE) and denial of service (DoS).
Secure and verify every identity with Microsoft Entra
Microsoft Entra expands beyond identity and access management with new product categories such as cloud infrastructure entitlement management (CIEM) and decentralized identity.
New Microsoft Security innovations expand multicloud visibility and enhance multiplatform protection
Gain greater visibility into your multicloud environments to better understand your security posture, minimize risk, and detect and respond to threats in real time.
Microsoft Purview data security mitigations for BazaCall and other human-operated data exfiltration attacks
Microsoft Defender is our toolset for prevention and mitigation of data exfiltration and ransomware attacks. Microsoft Purview data security offers important mitigations as well and should be used as part of a defense-in-depth strategy.