XCSSET evolves again: Analyzing the latest updates to XCSSET’s inventory

Credit to Author: Microsoft Threat Intelligence| Date: Thu, 25 Sep 2025 15:00:00 +0000

Microsoft Threat Intelligence has uncovered a new variant of the XCSSET malware, which is designed to infect Xcode projects, typically used by software developers building Apple or macOS-related applications.

The post XCSSET evolves again: Analyzing the latest updates to XCSSET’s inventory appeared first on Microsoft Security Blog.

Retail at risk: How one alert uncovered a persistent cyberthreat

Credit to Author: Microsoft Incident Response| Date: Wed, 24 Sep 2025 17:00:00 +0000

In the latest edition of our Cyberattack Series, we dive into real-world cases targeting retail organizations. With 60% of retail companies reporting operational disruptions from cyberattacks and 43% experiencing breaches in the past year, the stakes have never been higher. This post unpacks how a single alert led to the discovery of a major persistent threat, how attackers exploited unpatched SharePoint vulnerabilities and compromised identities to infiltrate networks, and how Microsoft Incident Response, the Detection and Response Team (DART), swiftly stepped in with forensic insights and actionable guidance. Download the full report to learn more about how one small signal exposed a much larger danger, and how you can strengthen your defenses against similar threats.

The post Retail at risk: How one alert uncovered a persistent cyberthreat appeared first on Microsoft Security Blog.

AI vs. AI: Detecting an AI-obfuscated phishing campaign

Credit to Author: Microsoft Threat Intelligence| Date: Wed, 24 Sep 2025 12:00:00 +0000

Microsoft Threat Intelligence recently detected and blocked a credential phishing campaign that likely used AI-generated code to obfuscate its payload and evade traditional defenses, demonstrating a broader trend of attackers leveraging AI to increase the effectiveness of their operations and underscoring the need for defenders to understand and anticipate AI-driven threats.

The post AI vs. AI: Detecting an AI-obfuscated phishing campaign appeared first on Microsoft Security Blog.

Microsoft Purview delivered 30% reduction in data breach likelihood

Credit to Author: Herain Oberoi| Date: Tue, 23 Sep 2025 16:00:00 +0000

A recent Total Economic Impact™ (TEI) Of Microsoft Purview study by Forrester Consulting, commissioned by Microsoft, offers valuable insights into how organizations are modernizing their data protection strategies. The study covers the tangible benefits of unifying data security, data governance and data compliance under a single platform—an approach exemplified by Microsoft Purview.

The post Microsoft Purview delivered 30% reduction in data breach likelihood appeared first on Microsoft Security Blog.

Microsoft Defender delivered 242% return on investment over three years

Credit to Author: Scott Woodgate| Date: Thu, 18 Sep 2025 17:00:00 +0000

The latest 2025 commissioned Forrester Consulting Total Economic Impact™ (TEI) study reveals a 242% ROI over three years for organizations that chose Microsoft Defender. It helps security leaders consolidate tools, reduce overhead, and empower their SecOps teams with operational efficiencies powered by AI and automation. In total, the study found Defender delivered $17.8 million in benefits and paid for itself in less than six months.

The post Microsoft Defender delivered 242% return on investment over three years appeared first on Microsoft Security Blog.

Microsoft Purview innovations for your Fabric data: Unify data security and governance for the AI era

Credit to Author: Rudra Mitra| Date: Tue, 16 Sep 2025 16:00:00 +0000

The Microsoft Fabric and Purview teams are thrilled to participate in the European Microsoft Fabric Community Conference.

The post Microsoft Purview innovations for your Fabric data: Unify data security and governance for the AI era appeared first on Microsoft Security Blog.

Azure mandatory multifactor authentication: Phase 2 starting in October 2025

Credit to Author: Joy Shah and Neha Kulkarni| Date: Fri, 05 Sep 2025 15:00:00 +0000

Microsoft Azure is announcing the start of Phase 2 multi-factor authentication enforcement at the Azure Resource Manager layer, starting October 1, 2025.

The post Azure mandatory multifactor authentication: Phase 2 starting in October 2025 appeared first on Microsoft Security Blog.

Storm-0501’s evolving techniques lead to cloud-based ransomware

Credit to Author: Microsoft Threat Intelligence| Date: Wed, 27 Aug 2025 16:00:00 +0000

Financially motivated threat actor Storm-0501 has continuously evolved their campaigns to achieve sharpened focus on cloud-based tactics, techniques, and procedures (TTPs). While the threat actor has been known for targeting hybrid cloud environments, their primary objective has shifted from deploying on-premises endpoint ransomware to using cloud-based ransomware tactics.

The post Storm-0501’s evolving techniques lead to cloud-based ransomware appeared first on Microsoft Security Blog.

Build a stronger security strategy with proactive and reactive incident response: Cyberattack Series

Credit to Author: Microsoft Incident Response| Date: Mon, 10 Feb 2025 17:00:00 +0000

Find out how a cyberattack by Storm-2077 was halted faster because the Microsoft Incident Response team is both proactive and reactive at the same time.

The post Build a stronger security strategy with proactive and reactive incident response: Cyberattack Series appeared first on Microsoft Security Blog.
