After getting hold of the login details of a Microsoft customer support agent, threat actors obtained sensitive email account data of a limited number of users of Microsoft email services (such as @hotmail.com and @msn.com) between January 1 and March 28 of this year. The compromised information includes email addresses,

The 24th volume of Microsoft’s Security Intelligence Report shows that phishing surged in 2018. The detected 250% increase in phishing attacks last year confirms similar findings of other recent studies. The research also confirmed that threat actors are moving away from ransomware and malicious software (malware) in general, as malware

Microsoft is investigating a cyber attack campaign by Russian hacking group Fancy Bear, also known as APT 28. The campaign lasted from September to December of last year and targeted think tanks in Europe, including the German Council on Foreign Relations, The Aspen Institute and The German Marshall Fund. The

As part of Patch Tuesday, Microsoft and Adobe each released over 70 fixes for security flaws in their products. One of the Microsoft patches addresses a privilege escalation vulnerability affecting Microsoft’s Exchange server, which is likely to be under active exploitation. According to Dustin Childs of Trend Micro, the flaw “allows

Microsoft has fixed a total of 49 vulnerabilities as part of January’s Patch Tuesday, including 7 critical, 40 important and 2 moderate flaws. Almost half of all patched bugs were remote code execution (RCE) vulnerabilities, eleven of which involved the Jet Database Engine. However, some experts note that when it

“While Silicon Valley workers continue to protest their employers selling artificial intelligence products to the U.S. military, the U.S. military is still looking to spend money on AI. The Army Research Lab, the Project Maven team, and the Defense Department’s Joint Artificial Intelligence Center will host technology companies later this month in

“A new phishing report has been released that keeps track of the top 25 brands targeted by bad actors. Of these brands, Microsoft, Paypal, and Netflix are the top brands impersonated by phishing attacks. Email security provider Vade Secure tracks the 25 most spoofed brands in North America that are impersonated in

“Microsoft is making moves to target a growing multibillion market: hosting, storing and running the U.S. government’s most sensitive classified secrets and data. On Tuesday, the software giant announced it will join rival Amazon as the only commercial cloud providers with the security capabilities to host secret classified data by

“Fileless malware attacks, or incidents where the malicious payload doesn’t touch the disk, but is executed directly in memory instead, are on the rise, Microsoft says. Attacks that leverage fileless techniques are not new, but were recently adopted by a broader range of malware. A couple of years ago, the

“Microsoft Corp. has detected and seized web domains created by cyber-attackers linked to the Russian military, in a potential attempt to manipulate and disrupt the U.S. midterm elections. The shadowy group, known as Strontium, created domains that mimicked organizations such as the International Republican Institute and Hudson Institute so intended