18 Febbraio 2025
​​Join us for the end-to-end Microsoft RSAC 2025 Conference experience

AI adoption is picking up speed. Many companies are growing their technology estates by embracing powerful new solutions like generative AI. But to maximize the benefits of new technology with confidence, security professionals need to stay compliant with the evolving regulatory and audit requirements in the age of[…]

Read More
14 Febbraio 2025
Storm-2372 conducts device code phishing campaign

Executive summary Today we’re sharing that Microsoft discovered cyberattacks being launched by a group we call Storm-2372, who we assess with medium confidence aligns with Russia’s interests and tradecraft. The attacks appear to have been ongoing since August 2024 and have targeted governments, NGOs, and a wide range[…]

Read More
13 Febbraio 2025
Securing DeepSeek and other AI systems with Microsoft Security

A successful AI transformation starts with a strong security foundation. With a rapid increase in AI development and adoption, organizations need visibility into their emerging AI apps and tools. Microsoft Security provides threat protection, posture management, data security, compliance, and governance to secure AI applications that you build[…]

Read More
12 Febbraio 2025
The BadPilot campaign: Seashell Blizzard subgroup conducts multiyear global access operation

Microsoft is publishing for the first time our research into a subgroup within the Russian state actor Seashell Blizzard and its multiyear initial access operation, tracked by Microsoft Threat Intelligence as the “BadPilot campaign”. This subgroup has conducted globally diverse compromises of Internet-facing infrastructure to enable Seashell Blizzard[…]

Read More
10 Febbraio 2025
Build a stronger security strategy with proactive and reactive incident response: Cyberattack Series

There are countless statistics about cybercrime and one of the most impactful is that for threat actors. Their profits continue to increase year over year and are on track to rise from $9.22 trillion in 2024 to $13.82 trillion by 2028.1 If the financial drain caused by threat[…]

Read More
6 Febbraio 2025
Code injection attacks using publicly disclosed ASP.NET machine keys

In December 2024, Microsoft Threat Intelligence observed limited activity by an unattributed threat actor using a publicly available, static ASP.NET machine key to inject malicious code and deliver the Godzilla post-exploitation framework. In the course of investigating, remediating, and building protections against this activity, we observed an insecure[…]

Read More
3 Febbraio 2025
Hear from Microsoft Security experts at these top cybersecurity events in 2025

Inspiration can spark in an instant when you’re at a conference. Perhaps you discover a new tool during a keynote that could save you hours of time. Or maybe a peer shares a story over coffee that makes you rethink an approach. One conversation, one session, or one[…]

Read More
28 Gennaio 2025
3 priorities for adopting proactive identity and access security in 2025

If 2024 taught us anything, it’s that a proactive, no-compromises approach to security is essential for 2025 and beyond. Nation-states and advanced cybercriminals are making significant investments in infrastructure and automation to intensify familiar cyberattack patterns; password attacks, for example, escalated from 579 incidents per second in 20211[…]

Read More
27 Gennaio 2025
Fast-track generative AI security with Microsoft Purview

As a data security global black belt, I help organizations secure AI solutions. They are concerned about data oversharing, data leaks, compliance, and other potential risks. Microsoft Purview is Microsoft’s solution for securing and governing data in generative AI. I’m often asked how long it takes to deploy[…]

Read More
23 Gennaio 2025
2025 release wave 1 plans for Microsoft Dynamics 365, Microsoft Power Platform, and Role-based Copilot offerings

We’ve published the 2025 release wave 1 plans for Microsoft Dynamics 365, Microsoft Power Platform, and Role-based Copilot offerings. These plans are a compilation of the new capabilities planned to be released between April 2025 and September 2025. With advancements in agents, automation, intelligence, and seamless integrations, this[…]

Read More