Microsoft has patched a misconfiguration issue impacting the Azure Active Directory (AAD) identity and access management service that...

In my practice as a Microsoft Global Black Belt, I focus on the technical and business enablement aspects of protecting organizations...

Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system. Targeted attacks on Twilio...

Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based...

Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group. After a recent dip,...

Instances of phishing attacks leveraging the Microsoft brand increased 266 percent in Q1 compared to the year prior. The bloom is back on...

Oliver Tavakoli, CTO at Vectra AI, gives us hope that surviving a ransomware attack is possible, so long as we apply preparation and...

The security bug could crop up, so to speak, in any number of Java applications. NOTE: This post is about the confirmed and patched...

Both vulnerabilities are use-after-free issues in Mozilla’s popular web browser. Mozilla has released an emergency update for its Firefox...

Here’s what cybersecurity watchers want infosec pros to know heading into 2022. No one could have predicted the sheer chaos the...

Proof-of-concept exploits for a critical zero-day vulnerability in the ubiquitous Apache Log4j Java-based logging library are currently...

Crooks behind a newly identified malware campaign are targeting Windows 10 with malware that can infect systems via a technique that...

Three years ago, as part of Microsoft’s mission to empower people and organizations to achieve more, we announced that we were incubating...

The current threat landscape is rapidly advancing, with cybercriminals constantly upgrading their toolset to break through security...

Microsoft’s August 2021 Patch Tuesday addressed a smaller set of bugs than usual, including more Print Spooler problems, a zero-day and...

Agency warns attackers targeting teleworkers to steal corporate data. The U.S. National Security Agency is offering advice to security...

There are patches or remediation's for all of them, but they’re still being picked apart. Why should attackers stop if the flaws remain...

Keeper research reveals that in addition to knocking systems offline, ransomware attacks degrade productivity, cause organizations to...

A privilege elevation bug in Windows 10 opens all systems to attackers to access data and create new accounts on systems. A privilege...

Passwords are essential to your cyber-safety. You know it, but if you’re like the rest of the digital society, you probably have dozens...