Since the Secure Future Initiative (SFI) began, we’ve dedicated the equivalent of 34,000 full-time engineers to SFI—making it the largest cybersecurity engineering effort in history. And now, we’re sharing key updates and milestones from the first SFI Progress Report.
Get the latest information on our engineering advancements and continued commitments to secure identities as part of the Secure Future Initiative.
In real-world customer engagements, Microsoft IR sees combinations of issues and misconfigurations that could lead to attacker access to customers’ Microsoft Entra ID tenants. Reducing risk and exposure of your most privileged accounts plays a critical role in preventing or detecting attempts at tenant-wide compromise.
Learn about the new Microsoft Purview features and capabilities announced at Microsoft Ignite 2023.
Microsoft has uncovered a supply chain attack by the threat actor Diamond Sleet (ZINC) involving a malicious variant of an application developed by CyberLink Corp. This malicious file is a legitimate CyberLink application installer that has been modified to include malicious code that downloads, decrypts, and loads a second-stage payload. The file, which was signed using a valid certificate issued to CyberLink Corp., is hosted on legitimate update infrastructure owned by the organization.
Microsoft Security Experts are now available to strengthen your team with managed security services. Learn how to defend against threats with security experts.
The Forrester Wave™: Unified Endpoint Management, Q4 2023 report recognizes Intune as a leader. Find out how it helps secure systems and simplify management, reduces costs, and frees up resources for creativity and innovation.
Microsoft recognized for the seventh straight year as a Leader in 2023 Gartner® Magic Quadrant™ for Access Management.
At the CYBERWARCON 2023 conference, Microsoft and LinkedIn analysts are presenting several sessions detailing analysis across multiple sets of threat actors and related activity, demonstrating Microsoft Threat Intelligence’s ongoing efforts to track threat actors, protect customers, and share information with the wider security community.
Thanks to our extensive experience in quantum engineering and expertise as a service and security provider, we can serve as a trusted partner to navigate this process across industry and government.
Microsoft Sentinel is a cloud-native SIEM solution powered by AI and automation that delivers intelligent security analytics across your entire enterprise.
Microsoft Incident Response and PwC have announced a new global alliance to expand their joint Incident Response and Recovery capability. In this partnership, Microsoft IR will begin the initial containment and investigation of a cyber incident, while PwC will work on securely rebuilding and restoring mission-critical system, providing customers with a more comprehensive and seamless incident response experience.
Microsoft security researchers recently identified an attack where attackers attempted to move laterally to a cloud environment through a SQL Server instance. The attackers initially exploited a SQL injection vulnerability in an application within the target’s environment to gain access and elevated permissions to a Microsoft SQL Server instance deployed in an Azure Virtual Machine (VM). The attackers then used the acquired elevated permission to attempt to move laterally to additional cloud resources by abusing the server’s cloud identity.
