When the Russian attack group Midnight Blizzard successfully breached Microsoft corporate e-mail accounts late last year, it apparently managed to steal U.S. government agency e-mails, too.
A PowerShell script being used in a novel malware campaign may have been created by AI, according to security researchers at Proofpoint.
In what is the largest security patch of the year, Microsoft has released 147 CVEs (Common Vulnerabilities and Exposures) for April.
Microsoft this week announced that those looking for extended support for Windows 10 after its end of life date of Oct. 14, 2025 will pay $61 per device for the first year, for some enterprise customers.
A federal review board concluded that lax security practices by Microsoft contributed to the Outlook hack by a Chinese hacker group last year in a comprehensive 34-page report.
As previously reported, Microsoft Copilot for Security reached general availability on Monday.
Microsoft this week gave a nod to Azure developers looking for more scalable ways to build accurate and secure generative AI applications on its cloud.
Microsoft on Wednesday announced that the Microsoft Copilot for Security artificial intelligence-enhanced security tool will reach the "general availability" commercial-release stage on April 1.
Microsoft's monthly security patch has arrived with just two items rated "critical" out of the total 60 bulletins for March.
Microsoft has announced that Enterprise and Education versions of Windows 10 version 21H2 will lose support on June 11, 2024.
Microsoft this week provided an update on the "Midnight Blizzard" purported nation-state attack that had compromised its corporate e-mails late last year.
Microsoft on Wednesday offered a progress report on its "Secure Future Initiative."
The U.S. Cybersecurity and Infrastructure Security Agency, along with other government partners, issued a new alert this week about the compromise of some Ivanti virtual private network (VPN) technologies.
Health insurance provider UnitedHealth Group has confirmed that it and its network of partners have been attacked by a high-profile hacker group.
Microsoft this week announced a new policy for compelling reauthentications for organizations using the Microsoft Entra Conditional Access service.
After releasing the first version of its Cybersecurity Framework in 2014, the National Institute of Standards and Technology (NIST) has released its first update to the guidance document.
In the realm of IT security, the practice known as red teaming -- where a company's security personnel play the attacker to test system defenses -- has always been a challenging and resource-intensive task. Microsoft aims to streamline and enhance this process for generative AI systems with its latest offering.
Tech giants are coming together to combat misinformation that may arise during this year's election season.
Microsoft and OpenAI have shut down five state-sponsored hacking groups that were using OpenAI's large language models "in support of malicious cyber activities," per announcements this week.
Microsoft's February patch arrived on Tuesday with fixes for two zero-day vulnerabilities and an additional 70 flaws.