Credit to Author: Dhruv Mehrotra, Dell Cameron| Date: Sat, 04 May 2024 10:30:00 +0000
Plus: An assassination plot, an AI security bill, a Project Nimbus revelation, and more of the week’s top security news.
Read moreMicrosoft is rolling out passkey support for all devices. Here’s a quick guide on how to create one.
Read moreCredit to Author: Charlie Bell| Date: Fri, 03 May 2024 14:55:00 +0000
Microsoft is expanding the scope of the Secure Future Initiative to adapt to the evolving cyberthreat landscape. Read about the principles and pillars driving this initiative.
The post Security above all else—expanding Microsoft’s Secure Future Initiative appeared first on Microsoft Security Blog.
Read moreCredit to Author: Vasu Jakkal and Joy Chik| Date: Thu, 02 May 2024 13:00:00 +0000
The best part about passkeys is that you’ll never need to worry about creating, forgetting, or resetting passwords ever again. Read about Microsoft’s new passkey support for consumer accounts.
The post Microsoft introduces passkeys for consumer accounts appeared first on Microsoft Security Blog.
Read more
Credit to Author: Matt Burgess| Date: Fri, 03 May 2024 09:00:00 +0000
“Yahoo Boy” cybercriminals are openly running dozens of scams across Facebook, WhatsApp, Telegram, TikTok, YouTube, and more.
Read moreCredit to Author: Alex Weinert and Ramya Chitrakar| Date: Wed, 01 May 2024 22:00:00 +0000
Today we are thrilled to announce that Microsoft has been recognized as an overall leader in the KuppingerCole Leadership Compass Identity Threat Detection and Response: IAM Meets the SOC. The report highlights strengths across key capabilities ranging from identity posture to remediation, while further highlighting Microsoft’s commitment to protecting all organizations.
The post Microsoft named overall leader in KuppingerCole Leadership Compass for ITDR appeared first on Microsoft Security Blog.
Read moreCredit to Author: Microsoft Threat Intelligence| Date: Wed, 01 May 2024 18:00:00 +0000
Microsoft discovered a vulnerability pattern in multiple popular Android applications that could enable a malicious application to overwrite files in the vulnerable application’s internal data storage directory, which could lead to arbitrary code execution and token theft, among other impacts. We have shared our findings with Google’s Android Application Security Research team, as well as the developers of apps found vulnerable to this issue. We anticipate that the vulnerability pattern could be found in other applications. We’re sharing this research more broadly so developers and publishers can check their apps for similar issues, fix as appropriate, and prevent them from being introduced into new apps or releases.
The post “Dirty stream” attack: Discovering and mitigating a common vulnerability pattern in Android apps appeared first on Microsoft Security Blog.
Read moreAfter a breach in the Dropbox Sign environment, customer information may have been stolen and API users have restricted functionality
Read moreOur researchers found fake sponsored search results that lead consumers to a typical fake Microsoft alert site set up by tech support scammers.
Read more
Credit to Author: Jordan Pearson| Date: Thu, 02 May 2024 15:24:21 +0000
Outabox, an Australian firm that scanned faces for bars and clubs, suffered a breach that shows the problems with giving companies your biometric data.
Read more