Microsoft Security Blog
Your source for the latest in cybersecurity
How to better protect your growing business in an AI-powered world
See how built-in security helps keep your growing business running, protect customer trust, and support growth.
Defense at AI speed: Microsoft’s new multi-model agentic security system tops leading industry benchmark
Today Microsoft is announcing a major step forward in AI-powered cyber defense: a new multi-model agentic scanning harness (codenamed MDASH).
World Passkey Day: Advancing passwordless authentication
This World Passkey Day, read how Microsoft is advancing passkey adoption to replace passwords, cut phishing risk, and deliver simpler, more secure sign-ins.
Microsoft Agent 365, now generally available, expands capabilities and integrations
Today we’re announcing the general availability of Agent 365, plus previews of new capabilities to discover and manage shadow AI agents, including local agents like OpenClaw and Claude Code.
Threat intelligence
-
Exposing Fox Tempest: A malware-signing service operation
Fox Tempest is a financially motivated threat actor operating a malware‑signing‑as‑a‑service (MSaaS) used by other cybercriminals, including Vanilla Tempest and Storm groups, to more effectively distribute malicious code, including ransomware. -
Kazuar: Anatomy of a nation-state botnet
Kazuar, a sophisticated malware family attributed to the Russian state actor Secret Blizzard, has been under constant development for years and continues to evolve in support of espionage-focused operations. -
Undermining the trust boundary: Investigating a stealthy intrusion through third-party compromise
Microsoft Incident Response investigated an attack operated through legitimate and trusted administrative mechanisms to blend seamlessly into routine operations and remain undetected demonstrating that intrusions have increasingly avoided using noisy exploits, obvious malware, or custom tooling, instead leveraging systems that organizations already trust within their environments.
Stay ahead of threats
Get expert insights, threat intelligence, and the latest cybersecurity reports from Security Insider.
AI and machine learning
-
Introducing RAMPART and Clarity: Open source tools to bring safety into Agent development workflow
The AI systems shipping inside enterprises today are fundamentally different from the ones we were building even two years ago, because they have moved well past answering questions and into accessing your email, retrieving records from your CRM, writing and executing code, and taking actions on your behalf across dozens of connected systems. -
How to better protect your growing business in an AI-powered world
See how built-in security helps keep your growing business running, protect customer trust, and support growth. -
Defense in depth for autonomous AI agents
As AI agents gain autonomy, defense in depth must evolve, with application-layer design, identity, and human oversight at the center.
Modernize your security operations center
Confidently secure your multicloud, multiplatform environment with Microsoft Sentinel – a cloud-native security information and event management (SIEM) solution.
Latest posts
-
Introducing RAMPART and Clarity: Open source tools to bring safety into Agent development workflow
The AI systems shipping inside enterprises today are fundamentally different from the ones we were building even two years ago, because they have moved well past answering questions and into accessing your email, retrieving records from your CRM, writing and executing code, and taking actions on your behalf across dozens of connected systems. -
Exposing Fox Tempest: A malware-signing service operation
Fox Tempest is a financially motivated threat actor operating a malware‑signing‑as‑a‑service (MSaaS) used by other cybercriminals, including Vanilla Tempest and Storm groups, to more effectively distribute malicious code, including ransomware. -
How Storm-2949 turned a compromised identity into a cloud-wide breach
Storm-2949 turned stolen credentials into a cloud-wide breach, moving from identity compromise to large-scale data theft without using malware. -
How to better protect your growing business in an AI-powered world
See how built-in security helps keep your growing business running, protect customer trust, and support growth. -
Defense in depth for autonomous AI agents
As AI agents gain autonomy, defense in depth must evolve, with application-layer design, identity, and human oversight at the center. -
Kazuar: Anatomy of a nation-state botnet
Kazuar, a sophisticated malware family attributed to the Russian state actor Secret Blizzard, has been under constant development for years and continues to evolve in support of espionage-focused operations.