Credit to Author: Lily Hay Newman| Date: Sat, 11 Oct 2025 10:30:00 +0000
Plus: US government cybersecurity staffers get reassigned to do immigration work, a hack exposes sensitive age-verification data of Discord users, and more.
Read more
Credit to Author: Lily Hay Newman| Date: Fri, 10 Oct 2025 09:15:00 +0000
With the mercenary spyware industry booming, Apple VP Ivan Krstić tells WIRED that the company is also offering bonuses that could bring the max total reward for iPhone exploits to $5 million.
Read more
Credit to Author: Matt Burgess| Date: Fri, 10 Oct 2025 09:00:00 +0000
New research shows that North Koreans appear to be trying to trick US companies into hiring them to develop architectural designs using fake profiles, résumés, and Social Security numbers.
Read moreCredit to Author: Microsoft Security Team| Date: Thu, 09 Oct 2025 16:00:00 +0000
Security is a core focus at Microsoft Ignite 2025, reflected in dedicated sessions and hands-on experiences designed for security professionals and leaders. Take a look at the session catalog.
The post Securing agentic AI: Your guide to the Microsoft Ignite sessions catalog appeared first on Microsoft Security Blog.
Read moreCredit to Author: Microsoft Threat Intelligence| Date: Thu, 09 Oct 2025 15:00:00 +0000
Microsoft Threat Intelligence has identified a financially motivated threat actor that we track as Storm-2657 compromising employee accounts to gain unauthorized access to employee profiles and divert salary payments to attacker-controlled accounts, attacks that have been dubbed “payroll pirate”.
The post Investigating targeted “payroll pirate” attacks affecting US universities appeared first on Microsoft Security Blog.
Read more
Credit to Author: Reece Rogers, Lily Hay Newman| Date: Thu, 09 Oct 2025 17:22:32 +0000
“We are going to do everything in our power to fight this,” says ICEBlock developer Joshua Aaron after Apple removed his app from the App Store.
Read moreCredit to Author: Microsoft Threat Intelligence| Date: Tue, 07 Oct 2025 17:00:00 +0000
Threat actors seek to abuse Microsoft Teams features and capabilities across the attack chain, underscoring the importance for defenders to proactively monitor, detect, and respond effectively. In this blog, we recommend countermeasures and optimal controls across identity, endpoints, data apps, and network layers to help strengthen protection for enterprise Teams users.
The post Disrupting threats targeting Microsoft Teams appeared first on Microsoft Security Blog.
Read moreCredit to Author: Hammad Rajjoub| Date: Tue, 07 Oct 2025 16:00:00 +0000
Microsoft Secure Future Initiative (SFI) patterns and practices are practical, actionable, insights from practitioners for practitioners based on Microsoft’s implementation of Zero Trust through the Microsoft Secure Future Initiatives. By adopting these patterns, organizations can accelerate their security maturity, reduce implementation friction, and build systems that are more secure by design, default, and in operation.
The post New Microsoft Secure Future Initiative (SFI) patterns and practices: Practical guides to strengthen security appeared first on Microsoft Security Blog.
Read moreCredit to Author: Elliot Volkman| Date: Mon, 06 Oct 2025 21:00:00 +0000
Incident response is never orderly. Threat actors don’t wait. Environments are compromised. Data is missing. Confidence is shaken. But for Microsoft’s Incident Response (IR) team, that chaos is exactly where the work begins.
The post Inside Microsoft Threat Intelligence: Calm in the chaos appeared first on Microsoft Security Blog.
Read moreCredit to Author: Microsoft Threat Intelligence| Date: Mon, 06 Oct 2025 17:00:00 +0000
Storm-1175, a financially motivated actor known for deploying Medusa ransomware and exploiting public-facing applications for initial access, was observed exploiting the deserialization vulnerability in GoAnywhere MFT’s License Servlet, tracked as CVE-2025-10035. We are publishing this blog post to increase awareness of this threat and to share end-to-end protection coverage details across Microsoft Defender.
The post Investigating active exploitation of CVE-2025-10035 GoAnywhere Managed File Transfer vulnerability appeared first on Microsoft Security Blog.
Read more