Credit to Author: Andy Greenberg, Matt Burgess| Date: Tue, 14 Oct 2025 01:00:00 +0000
With just $800 in basic equipment, researchers found a stunning variety of data—including thousands of T-Mobile users’ calls and texts and even US military communications—sent by satellites unencrypted.
Read more
Credit to Author: Lily Hay Newman| Date: Sat, 11 Oct 2025 10:30:00 +0000
Plus: US government cybersecurity staffers get reassigned to do immigration work, a hack exposes sensitive age-verification data of Discord users, and more.
Read more
Credit to Author: Lily Hay Newman| Date: Fri, 10 Oct 2025 09:15:00 +0000
With the mercenary spyware industry booming, Apple VP Ivan Krstić tells WIRED that the company is also offering bonuses that could bring the max total reward for iPhone exploits to $5 million.
Read more
Credit to Author: Matt Burgess| Date: Fri, 10 Oct 2025 09:00:00 +0000
New research shows that North Koreans appear to be trying to trick US companies into hiring them to develop architectural designs using fake profiles, résumés, and Social Security numbers.
Read moreCredit to Author: Microsoft Security Team| Date: Thu, 09 Oct 2025 16:00:00 +0000
Security is a core focus at Microsoft Ignite 2025, reflected in dedicated sessions and hands-on experiences designed for security professionals and leaders. Take a look at the session catalog.
The post Securing agentic AI: Your guide to the Microsoft Ignite sessions catalog appeared first on Microsoft Security Blog.
Read moreCredit to Author: Microsoft Threat Intelligence| Date: Thu, 09 Oct 2025 15:00:00 +0000
Microsoft Threat Intelligence has identified a financially motivated threat actor that we track as Storm-2657 compromising employee accounts to gain unauthorized access to employee profiles and divert salary payments to attacker-controlled accounts, attacks that have been dubbed “payroll pirate”.
The post Investigating targeted “payroll pirate” attacks affecting US universities appeared first on Microsoft Security Blog.
Read more
Credit to Author: Reece Rogers, Lily Hay Newman| Date: Thu, 09 Oct 2025 17:22:32 +0000
“We are going to do everything in our power to fight this,” says ICEBlock developer Joshua Aaron after Apple removed his app from the App Store.
Read moreCredit to Author: Microsoft Threat Intelligence| Date: Tue, 07 Oct 2025 17:00:00 +0000
Threat actors seek to abuse Microsoft Teams features and capabilities across the attack chain, underscoring the importance for defenders to proactively monitor, detect, and respond effectively. In this blog, we recommend countermeasures and optimal controls across identity, endpoints, data apps, and network layers to help strengthen protection for enterprise Teams users.
The post Disrupting threats targeting Microsoft Teams appeared first on Microsoft Security Blog.
Read moreCredit to Author: Hammad Rajjoub| Date: Tue, 07 Oct 2025 16:00:00 +0000
Microsoft Secure Future Initiative (SFI) patterns and practices are practical, actionable, insights from practitioners for practitioners based on Microsoft’s implementation of Zero Trust through the Microsoft Secure Future Initiatives. By adopting these patterns, organizations can accelerate their security maturity, reduce implementation friction, and build systems that are more secure by design, default, and in operation.
The post New Microsoft Secure Future Initiative (SFI) patterns and practices: Practical guides to strengthen security appeared first on Microsoft Security Blog.
Read moreCredit to Author: Elliot Volkman| Date: Mon, 06 Oct 2025 21:00:00 +0000
Incident response is never orderly. Threat actors don’t wait. Environments are compromised. Data is missing. Confidence is shaken. But for Microsoft’s Incident Response (IR) team, that chaos is exactly where the work begins.
The post Inside Microsoft Threat Intelligence: Calm in the chaos appeared first on Microsoft Security Blog.
Read more