
XDR meets IAM: Comprehensive identity threat detection and response with Microsoft
Identity has become the corporate security perimeter. The average organization used 130 different cloud applications in 2022. That’s up 18 percent from 2021 alone.1 And as organizations continue to embrace digital transformation and enable remote work, they look to identity ... continue reading

New macOS vulnerability, Migraine, could bypass System Integrity Protection
A new vulnerability, which we refer to as “Migraine” for its involvement with macOS migration, could allow an attacker with root access to automatically bypass System Integrity Protection (SIP) in macOS and perform arbitrary operations on a device. We shared ... continue reading

Volt Typhoon targets US critical infrastructure with living-off-the-land techniques
Microsoft has uncovered stealthy and targeted malicious activity focused on post-compromise credential access and network system discovery aimed at critical infrastructure organizations in the United States. The attack is carried out by Volt Typhoon, a state-sponsored actor based in China ... continue reading

Microsoft Build 2023: Announcing new identity, compliance, and security features from Microsoft Security
At Microsoft Build 2023—an event for developers by developers—we’re going to announce exciting new features and technologies, share ideas, and help everyone boost their skills so we can all build a more secure future together. This year’s Microsoft Build offers ... continue reading

Cyber Signals: Shifting tactics fuel surge in business email compromise
Today we released the fourth edition of Cyber Signals highlighting a surge in cybercriminal activity around business email compromise (BEC). Microsoft has observed a 38 percent increase in cybercrime as a service (CaaS) targeting business email between 2019 and 2022.1 ... continue reading

How Microsoft can help you go passwordless this World Password Day
It’s that time of year again. World Password Day is May 4, 2023.1 There’s a reason it’s still going strong 10 years after being created by cybersecurity professionals. A recent study that analyzed more than 15 billion passwords found that ... continue reading

Secure your cloud environment with Cloud Next-Generation Firewall by Palo Alto Networks, an Azure Native ISV Service—now in preview
To support our customers in accelerating their digital transformation journey and protecting their cloud environment against threats, Microsoft is committed to giving customers the best possible options for securing their applications. To accelerate that commitment, we are excited to announce ... continue reading
Why you should practice rollbacks to prevent data loss in a ransomware attack
The security community is continuously changing, growing, and learning from each other to better position the world against cyberthreats. In the latest post of our Community Voices blog series, Microsoft Security Senior Product Marketing Manager Brooke Lynn Weenig talks with Tanya Janca, Founder and Chief Executive Officer (CEO) of We Hack Purple, who ... continue reading
Healthy security habits to fight credential breaches: Cyberattack Series
Fifty percent of Microsoft cybersecurity recovery engagements relate to ransomware,1 and 61 percent of all breaches involve credentials.2 In this second report in our ongoing Cyberattack Series, we look at the steps taken to discover, understand, and respond to a ... continue reading

Stay compliant and protect sensitive data with Zero Trust security
Regulatory standards frequently shift and tighten, especially with the rise of hybrid work environments. And with the explosion of data growth, organizations have seen a massive uptick in cybersecurity issues and needs. According to IBM’s 2022 Cost of a Data ... continue reading