Security is a core focus at Microsoft Ignite 2025, reflected in dedicated sessions and hands-on experiences designed for security professionals and leaders. Whether you’re shaping strategy or working on the front lines, Microsoft Ignite offers direct access to the latest advancements and practical solutions from leading experts. Join[…]
Read More
Microsoft Threat Intelligence has observed a financially motivated threat actor that we track as Storm-2657 compromising employee accounts to gain unauthorized access to employee profiles and divert salary payments to attacker-controlled accounts. These types of attacks have been dubbed “payroll pirate” by the industry. Storm-2657 is actively targeting[…]
Read More
As innovation speeds up, staying agile is essential. To keep your business ahead of the curve with innovation across Microsoft Dynamics 365, Microsoft Power Platform, and Copilot Studio, join us for the Business Applications Launch Event, debuting live on the Dynamics 365 YouTube channel on Thursday, October 23, 2025 at 9[…]
Read More
As innovation speeds up, staying agile is essential. To keep your business ahead of the curve with innovation across Microsoft Dynamics 365, Microsoft Power Platform, and Copilot Studio, join us for the Business Applications Launch Event, debuting live on the Dynamics 365 YouTube channel on Thursday, October 23, 2025 at 9[…]
Read More
The extensive collaboration features and global adoption of Microsoft Teams make it a high-value target for both cybercriminals and state-sponsored actors. Threat actors abuse its core capabilities – messaging (chat), calls and meetings, and video-based screen-sharing – at different points along the attack chain. This raises the stakes[…]
Read MoreBuilding on the momentum of our initial launch of the Microsoft Secure Future Initiative (SFI) patterns and practices, this second installment continues our commitment to making security implementation practical and scalable. The first release introduced a foundational library of actionable guidance rooted in proven architectures like Zero Trust.[…]
Read MoreOverview Power Pages continues to enhance its default security framework and empowers users to confidently use the platform. As organizations increasingly rely on Power Pages for their external-facing portals, it’s essential to stay ahead of malicious actors who may attempt to exploit these sites for phishing. The Phishing[…]
Read MoreLeading Through the Worst Day Incident response is never orderly. Threat actors don’t wait. Environments are compromised. Data is missing. Confidence is shaken. But for Microsoft’s Incident Response (IR) team, that chaos is exactly where the work begins. In Episode 1, we showed how Microsoft Threat Intelligence and the[…]
Read MoreOn September 18, 2025, Fortra published a security advisory regarding a critical deserialization vulnerability in GoAnywhere MFT’s License Servlet, which is tracked as CVE-2025-10035 and has a CVSS score of 10.0. The vulnerability could allow a threat actor with a validly forged license response signature to deserialize an[…]
Read More
When cybersecurity stakes are high and complexity is the norm, Microsoft doesn’t just participate, it excels with Microsoft Defender XDR—built to anticipate, disrupt, and outpace modern cyberthreats. We are excited to announce that Microsoft has been named a Leader in the IDC MarketScape: Worldwide Extended Detection and Response Software 2025 Vendor Assessment[…]
Read More