Microsoft Archives

(Photo by John Smith/VIEWpress/Getty Images)

Threat researchers spot ‘device code’ phishing attacks targeting Microsoft accounts

Suspected Russian nation-state threat groups have duped multiple victims into granting potentially persistent access to networks via authentication requests and valid tokens.

6 days ago By Matt Kapko

Cars drive past the headquarters of the Russian General Staff’s Main Intelligence Department (GRU) in Moscow on December 30, 2016. (Photo by NATALIA KOLESNIKOVA/AFP via Getty Images)

Russian state threat group shifts focus to US, UK targets

A subgroup of Seashell Blizzard exploited public vulnerabilities in internet-facing systems, Microsoft researchers said.

Feb 12, 2025 By Matt Kapko

The Microsoft logo is visible through a grid of its French headquarters on Jan. 25, 2023 in Issy-les-Moulineaux. (Photo by Chesnot/Getty Images)

Microsoft fixes 63 vulnerabilities, including 2 zero-days

The company’s monthly Patch Tuesday update comes with more than two-thirds of the patches closing high-severity flaws.

Feb 11, 2025 By Matt Kapko

A screen shows a virtual meeting with Microsoft Teams at ISE 2024 on January 30, 2024 in Barcelona, Spain. (Photo by Cesc Maymo/Getty Images)

Ransomware groups pose as fake tech support over Teams

A researcher at Sophos told CyberScoop that the company observed these tactics being used against multiple individuals and at least 15 organizations.

Jan 21, 2025 By Derek B. Johnson

A picture taken on March 23, 2022 in Moscow shows the US instant messaging software Whatsapp logo on a smartphone screen.(Photo by -/AFP via Getty Images)

Microsoft catches Russian state-sponsored hackers shifting tactics to WhatsApp

Star Blizzard, known to be part of Russia’s FSB, moved schemes to the messaging platform last November.

Jan 16, 2025 By Greg Otto

Jack Cable, who is departing his role as CISA’s senior technical adviser, speaks at an event. (Photo courtesy of Jack Cable)

A CISA secure-by-design guru makes the case for the future of the initiative

The initiative had led to tangible changes, Jack Cable said upon his exit from the agency as senior technical adviser.

Jan 16, 2025 By Tim Starks

Microsoft Romania headquarters in City Gate Towers situated in Free Press Square, in Bucharest, Romania. (Getty Images)

Microsoft fixes 159 vulnerabilities in first Patch Tuesday of 2025

In its latest security update, Microsoft has addressed a total of 159 vulnerabilities, covering a broad spectrum of the tech giant’s products, including .NET, Visual Studio, Microsoft…

Jan 14, 2025 By Greg Otto

Microsoft moves to disrupt hacking-as-a-service scheme that’s bypassing AI safety measures

The defendants used stolen API keys to gain access to devices and accounts with Microsoft’s Azure OpenAI service, which they then used to generate “thousands” of images…

Jan 10, 2025 By Derek B. Johnson

Turla was able bypass traditional security measures and gain long-term access to Ukrainian military networks. (Getty Images)

Turla living off other cybercriminals’ tools in order to attack Ukrainian targets

A Russian nation-state threat actor has been observed leveraging tools from other cybercriminal groups to compromise targets in Ukraine, a recent report by Microsoft Threat Intelligence disclosed.…

Dec 11, 2024 By Greg Otto

The Microsoft logo is illuminated on a wall during a Microsoft launch event on May 2, 2017 in New York City. (Photo by Drew Angerer/Getty Images)

Microsoft closes 2024 with extensive security update

Adobe, too.

Dec 10, 2024 By Greg Otto