Skip to main content
Skip to main content
Microsoft Security
Sign in

Learn about 4 approaches to comprehensive security that help leaders be fearless

Read more Learn about 4 approaches to comprehensive security that help leaders be fearless
Subscribe
Featured image for Destructive malware targeting Ukrainian organizations

Destructive malware targeting Ukrainian organizations

Microsoft Threat Intelligence Center (MSTIC) has identified evidence of a destructive malware operation targeting multiple organizations in Ukraine.
Read more Destructive malware targeting Ukrainian organizations
Man with glasses looking ahead. Featured image for Microsoft Zero Trust solutions deliver 92 percent return on investment, says new Forrester study

Microsoft Zero Trust solutions deliver 92 percent return on investment, says new Forrester study

Total Economic Impact™ study conducted by Forrester Consulting and commissioned by Microsoft reveals cost savings and business benefits enabled by Zero Trust.
Read more Microsoft Zero Trust solutions deliver 92 percent return on investment, says new Forrester study
Group of four men and women having a meeting around a table in a conference room. Featured image for Align your security and network teams to Zero Trust security demands

Align your security and network teams to Zero Trust security demands

Get expert advice on how to bridge gaps between your SOC and NOC and enable Zero Trust security in today’s rapidly evolving threat landscape.
Read more Align your security and network teams to Zero Trust security demands
Image of a person working on a MacBook Pro in the subway Featured image for New macOS vulnerability, “powerdir,” could lead to unauthorized user data access

New macOS vulnerability, “powerdir,” could lead to unauthorized user data access

A new macOS vulnerability, “powerdir,” could allow an attacker to bypass the operating system’s TCC technology and gain unauthorized access to a user’s protected data. We shared our findings with Apple through Coordinated Vulnerability Disclosure (CVD) and Apple released a fix.
Read more New macOS vulnerability, “powerdir,” could lead to unauthorized user data access
Real people. Customer support/admin meeting at a digital consulting firm. The firm provides custom solutions across a multitude of disciplines including IT, front and back end software development, customer support and data services. Featured image for What you need to know about how cryptography impacts your security strategy

What you need to know about how cryptography impacts your security strategy

Taurus SA Co-founder and Chief Security Officer Jean-Philippe “JP” Aumasson shares how the discipline of cryptography will impact cybersecurity strategy.
Read more What you need to know about how cryptography impacts your security strategy
Female developer speaking in front of a white board during team stand up meeting. Featured image for The final report on NOBELIUM’s unprecedented nation-state attack

The final report on NOBELIUM’s unprecedented nation-state attack

In the final post of a four-part series on the NOBELIUM nation-state attack, we explore key findings from the after-action report on the attack.
Read more The final report on NOBELIUM’s unprecedented nation-state attack
A red-haired woman with a green shirt and glasses, sitting inside an office working on her laptop. Featured image for Your guide to mobile digital forensics

Your guide to mobile digital forensics

Cellebrite Senior Director of Digital Intelligence Heather Mahalik offers an inside look at mobile forensics and shares how to think about the function in your organization.
Read more Your guide to mobile digital forensics
Image of data center Featured image for Guidance for preventing, detecting, and hunting for exploitation of the Log4j 2 vulnerability

Guidance for preventing, detecting, and hunting for exploitation of the Log4j 2 vulnerability

Microsoft is tracking threats taking advantage of the remote code execution (RCE) vulnerability in Apache Log4j 2. Get technical info and guidance for using Microsoft security solutions to protect against attacks.
Read more Guidance for preventing, detecting, and hunting for exploitation of the Log4j 2 vulnerability
Adult woman working on multiple laptops. Featured image for Best practices for AI security risk management

Best practices for AI security risk management

Today, we are releasing an AI security risk assessment framework as a step to empower organizations to reliably audit, track, and improve the security of the AI systems. In addition, we are providing new updates to Counterfit, our open-source tool to simplify assessing the security posture of AI systems.
Read more Best practices for AI security risk management
Featured image for A closer look at Qakbot’s latest building blocks (and how to knock them down)

A closer look at Qakbot’s latest building blocks (and how to knock them down)

Multiple Qakbot campaigns that are active at any given time prove that the decade-old malware continues to be many attackers’ tool of choice, a customizable chameleon that adapts to suit the needs of the multiple threat actor groups that utilize it. Since emerging in 2007 as a banking Trojan, Qakbot has evolved into a multi-purpose…
Read more A closer look at Qakbot’s latest building blocks (and how to knock them down)
Woman pays for clothing at register. Featured image for New research shows IoT and OT innovation is critical to business but comes with significant risks

New research shows IoT and OT innovation is critical to business but comes with significant risks

This year the need for much improved IoT and OT cybersecurity has become even more clear with the recent and now famous attacks. To better understand the challenges customers are facing, Microsoft partnered with the Ponemon Institute to produce empirical data to help us better understand the state of IoT and OT security from a customer’s perspective.
Read more New research shows IoT and OT innovation is critical to business but comes with significant risks
Man sitting at a desk viewing Power BI and Welcome Screen within Windows 365. Featured image for Improve kernel security with the new Microsoft Vulnerable and Malicious Driver Reporting Center

Improve kernel security with the new Microsoft Vulnerable and Malicious Driver Reporting Center

Windows 10 and Windows 11 have continued to raise the security bar for drivers running in the kernel. Kernel-mode driver publishers must pass the hardware lab kit (HLK) compatibility tests, malware scanning, and prove their identity through extended validation (EV) certificates.
Read more Improve kernel security with the new Microsoft Vulnerable and Malicious Driver Reporting Center