Neowin®

A new report claims that after a series of high-profile security breaches at Microsoft, the company is now concentrating on making improvements to its security features and services.

Microsoft has announced that a Russian hacker group has been exploiting an old Windows Print Spooler issue for as long as four years in order to "steal credentials in compromised networks."

A new report from Microsoft says that China-based hackers are using more AI-based methods to create social media posts designed to increase division in the United States and elsewhere.

Microsoft has confirmed that its Copilot for Security AI service is now generally available. It's accessible for Azure subscription users and it also employs a flexible pricing model.

Microsoft has announced that its Copilot for Security will become generally available on April 1, which the company says will offer faster completion of common security tasks with text prompts.

Microsoft has posted an update on the discovery that a Russian hacker group accessed its corporate email accounts. Apparently, it used the information to breach Microsoft's source code repositories.

Microsoft has announced new updates for its Secure Future Initiative plans. They include the use of CodeQL in all of its commercial products and a $1 million donation to the Rust Foundation.

Microsoft announced in a regulatory filing on Friday that a Russian intelligence group called Nobelium hacked into the email accounts of some of the company's top executives in November 2023

Microsoft has announced it is going after a Vietnam-based cybercriminal group it has labeled as Storm-1152, and has taken down sites used by the group to sell fraudulent Microsoft accounts.

Microsoft briefly blocked employees from using OpenAI's ChatGPT chatbot due to a testing bug that limited LLMs more broadly. Microsoft recommends using its own AI chatbot, Bing Chat.

Microsoft has announced it has made some behind the scenes updates to its Authenticator app that will now block notifications of phone numbers that it believes might have been sent by hackers

Microsoft has announced plans to beef up its cybersecurity efforts. It revealed plans for its Secure Future Initiative which will use AI and more advanced software engineering to combat cybercrime.

Microsoft has revealed that a threat actor labeled Storm-0324 is distributing malware by using "phishing lures through Microsoft Teams chats" that could be used to launch ransomware attacks.

In a recent security report, Microsoft says that Chinese operatives are using images created with AI apps to spread disinformation among US voters as the 2024 US presidential election gets closer.

In a report posted this week, Microsoft stated that a Chinese hacker group was able to get a Microsoft account (MSA) consumer key because a consumer signing system crash in April 2021 exposed the key.

Microsoft has uncovered China-based Flax Typhoon cyber espionage targeting Taiwan since 2021, a campaign exploiting server vulnerabilities. The company said government agencies are at risk.

Microsoft discovers a phishing attack by a Russian-backed hacker group. They are using compromised Microsoft 365 accounts to pose as tech support in Teams. The group targets govts, NGOs, and more.

The new access to security logs is a result of Microsoft working with the US Cybersecurity and Infrastructure Security Agency (CISA) to improve online security against cyberattacks.

In a security blog post, Microsoft said a group of Chinese hackers got access to an "inactive MSA consumer signing key" and used it to forge tokens to access Outlook email accounts.

The new weather names for threat actors from Microsoft Security are supposed to make it easier for people to identify the types of online security issues that Microsoft will be tracking.

A new security blog post from Microsoft says that accounting and tax return firms are the targets of a phishing campaign designed to deliver a remote access trojan to their computers.

Microsoft Security Copilot will allow computer security employees to ask a generative AI chatbot to find issues, create alert summaries, and more in a faster way to provide defenses against threats

The latest job cuts are still among the 10,000 employees that Microsoft said it would lay off a few months ago. The company said it would finalize those job cuts by the end of Q1 2023.

Canalys has revealed that the cybersecurity market grew year-over-year in the third quarter, despite worsening economic conditions. Nevertheless, small-to-medium businesses tightened their spending.

Microsoft has warned about a phishing campaign called "SEABORGIUM". The threat actors of SEABORGIUM first build up rapport with the targets before duping them to rob their data, like credentials.

New multi-cloud capabilities from Microsoft Security have been developed to secure the basis of hybrid work and digital transformations, delivering comprehensive protection to its customers.

Microsft said earlier today via a blog post that it will block all Office files (Access, Excel, PowerPoint, Visio, and Word), that contain VBA Macros, by default, to protect users from malware.

Microsoft had discovered a macOS security vulnerability inside the TCC that can allow an attacker to gain control over a Mac's various settings. A patch is already out via the macOS Monterey 12.1.

Microsoft has been accused of slashing bug bounty reward money by large amounts by several security researchers. One of them said his finding was worth just 10% compared to the earlier value.

Following the purchase of RiskIQ and ReFirm Labs, Microsoft has now acquired CloudKnox Security to offer unified privileged access and entitlement management in multi-cloud and hybrid environments.

Microsoft reported $10 billion in revenue in the 2020 calendar year for its security business. The company highlighted that its solutions are used by over 400,000 customers in 120 countries.

Microsoft has reported increased activity from hacking groups based in Russia, China, and Iran targeting the U.S. presidential elections. Both Biden and Trump campaigns have been attacked.