Microsoft Archives

Nation-state groups hit hundreds of organizations with Microsoft Windows zero-day

Trend Micro researchers discovered and reported the eight-year-old defect to Microsoft six months ago. The company hasn’t made any commitments to patch or remediate the issue.

3 days ago By Matt Kapko

A view of the Microsoft corporate logo in front of the Microsoft Office building on 41st street and 8th avenue on July 19, 2024 in New York City. (Photo by Craig T Fruchtman/Getty Images)

Microsoft patches 57 vulnerabilities, including 6 zero-days

More than three-quarters of the vulnerabilities covered in the vendor’s monthly Patch Tuesday update are high-severity flaws.

Mar 11, 2025 By Matt Kapko

(Photo by Horacio Villalobos#Corbis/Corbis via Getty Images)

Microsoft IDs developers behind alleged generative AI hacking-for-hire scheme

An amended complaint identifies a number of overseas individuals as key players “at the center of a global cybercrime network” that sold access to jailbroken generative AI…

Feb 27, 2025 By Derek B. Johnson

Microsoft’s Ian Leatherman on how AI boosts government zero-trust efforts

Ian Leatherman | Zero Trust Strategist, Security Solutions Group | Microsoft

Feb 27, 2025 By Scoop News Group

(Photo by John Smith/VIEWpress/Getty Images)

Threat researchers spot ‘device code’ phishing attacks targeting Microsoft accounts

Suspected Russian nation-state threat groups have duped multiple victims into granting potentially persistent access to networks via authentication requests and valid tokens.

Feb 14, 2025 By Matt Kapko

Cars drive past the headquarters of the Russian General Staff’s Main Intelligence Department (GRU) in Moscow on December 30, 2016. (Photo by NATALIA KOLESNIKOVA/AFP via Getty Images)

Russian state threat group shifts focus to US, UK targets

A subgroup of Seashell Blizzard exploited public vulnerabilities in internet-facing systems, Microsoft researchers said.

Feb 12, 2025 By Matt Kapko

The Microsoft logo is visible through a grid of its French headquarters on Jan. 25, 2023 in Issy-les-Moulineaux. (Photo by Chesnot/Getty Images)

Microsoft fixes 63 vulnerabilities, including 2 zero-days

The company’s monthly Patch Tuesday update comes with more than two-thirds of the patches closing high-severity flaws.

Feb 11, 2025 By Matt Kapko

A screen shows a virtual meeting with Microsoft Teams at ISE 2024 on January 30, 2024 in Barcelona, Spain. (Photo by Cesc Maymo/Getty Images)

Ransomware groups pose as fake tech support over Teams

A researcher at Sophos told CyberScoop that the company observed these tactics being used against multiple individuals and at least 15 organizations.

Jan 21, 2025 By Derek B. Johnson

A picture taken on March 23, 2022 in Moscow shows the US instant messaging software Whatsapp logo on a smartphone screen.(Photo by -/AFP via Getty Images)

Microsoft catches Russian state-sponsored hackers shifting tactics to WhatsApp

Star Blizzard, known to be part of Russia’s FSB, moved schemes to the messaging platform last November.

Jan 16, 2025 By Greg Otto

Jack Cable, who is departing his role as CISA’s senior technical adviser, speaks at an event. (Photo courtesy of Jack Cable)

A CISA secure-by-design guru makes the case for the future of the initiative

The initiative had led to tangible changes, Jack Cable said upon his exit from the agency as senior technical adviser.

Jan 16, 2025 By Tim Starks