Today, we’re thrilled to introduce new features for securing and governing in the age of AI. We are announcing new capabilities in Microsoft Defender and Microsoft Purview that will make it easier for teams to manage, protect ,and govern AI applications at work.
MSTIC and MSRC disclose technical details of a private-sector offensive actor (PSOA) tracked as KNOTWEED using multiple Windows and Adobe 0-day exploits, including one for the recently patched CVE-2022-22047, in limited and targeted attacks against European and Central American customers.
Attackers are increasingly leveraging managed IIS extensions as covert backdoors into servers, providing a durable persistence mechanism for attacks.
Microsoft Partner Director of Identity Security Alex Weinert talks with Nitika Gupta, a Microsoft Principal Product Manager who leads the team responsible for enterprise admin capabilities for identity security.
Just like our customers, Microsoft has been on a compliance journey. Here’s what we’ve learned about the most effective mindset and tools to manage compliance.
Microsoft Intune is a cloud-based unified endpoint management platform that empowers IT to manage, assess, and protect apps and devices.
We are excited to announce the general availability of the new Microsoft Graph APIs for Microsoft Purview eDiscovery. With the new Microsoft Purview eDiscovery APIs, partners and customers can leverage automation to streamline common, repetitive workflows that require a lot of manual effort in the product experience.
The Microsoft Security partner opportunity grew 21 percent year-over-year, particularly in Microsoft 365 security, cloud security, compliance, and identity. Microsoft Security partners are expanding their existing offerings and creating new offerings in all these areas, packaging their unique experience, expertise, and IP for effective and efficient service delivery.
A group of actors originating from North Korea that MSTIC tracks as DEV-0530 has been developing and using ransomware in attacks since June 2021. This group, which calls itself H0lyGh0st, utilizes a ransomware payload with the same name.
Competition for talent has increased pressure to lead in the digital space, and business decisions now weigh user experience for employees heavily among costs and benefits. Workers insist on experiences that mirror their personal experience, often on their own device.
Protect and govern personal information, reduce privacy risks, and manage subject rights requests at scale with Microsoft Priva privacy risk management solutions.
Microsoft uncovered a vulnerability in macOS that could allow specially crafted codes to escape the App Sandbox and run unrestricted on the system. We shared these findings with Apple, and fix for this vulnerability, now identified as CVE-2022-26706, was included in the security updates on May 16, 2022.
A large-scale phishing campaign that attempted to target over 10,000 organizations since September 2021 used adversary-in-the-middle (AiTM) phishing sites to steal passwords, hijack a user’s sign-in session, and skip the authentication process, even if the user had enabled multifactor authentication (MFA).
