Microsoft Security Blog

Microsoft Security Blog Expert coverage of cybersecurity topics

  • Defending against evolving identity attack techniques
    by Igor Sakhnov on 29 May 2025 at 5:00 pm

    Threat actors continue to develop and leverage various techniques that aim to compromise cloud identities. Despite advancements in protections like multifactor authentication (MFA) and passwordless solutions, social engineering remains a key aspect of phishing attacks. Implementing phishing-resistant solutions, like passkeys, can improve security against these evolving threats. The post Defending against evolving identity attack techniques appeared first on Microsoft Security Blog.

  • How to deploy AI safely
    by Yonatan Zunger on 29 May 2025 at 4:00 pm

    Microsoft Deputy CISO Yonatan Zunger shares tips and guidance for safely and efficiently implementing AI in your organization. The post How to deploy AI safely appeared first on Microsoft Security Blog.

  • The future of AI agents—and why OAuth must evolve
    by Alex Simons on 27 May 2025 at 4:00 pm

    Our industry needs to continue working together on identity standards for agent access across systems. Read about how Microsoft is building a robust and sophisticated set of agents. The post The future of AI agents—and why OAuth must evolve appeared first on Microsoft Security Blog.

  • New Russia-affiliated actor Void Blizzard targets critical sectors for espionage
    by Microsoft Threat Intelligence on 27 May 2025 at 9:45 am

    Microsoft Threat Intelligence has discovered a cluster of worldwide cloud abuse activity conducted by a threat actor we track as Void Blizzard, who we assess with high confidence is Russia-affiliated and has been active since at least April 2024. Void Blizzard’s cyberespionage operations tend to be highly targeted at specific organizations of interest to Russia, including in government, defense, transportation, media, non-governmental organizations (NGOs), and healthcare sectors primarily in Europe and North America. The post New Russia-affiliated actor Void Blizzard targets critical sectors for espionage appeared first on Microsoft Security Blog.

  • Lumma Stealer: Breaking down the delivery techniques and capabilities of a prolific infostealer
    by Microsoft Threat Intelligence, Microsoft Digital Crimes Unit and Microsoft Security Experts on 21 May 2025 at 4:00 pm

    Over the past year, Microsoft Threat Intelligence observed the persistent growth and operational sophistication of Lumma Stealer, an info-stealing malware used by multiple financially motivated threat actors to target various industries. Microsoft, partnering with others across industry and international law enforcement, facilitated the disruption of Lumma infrastructure. The post Lumma Stealer: Breaking down the delivery techniques and capabilities of a prolific infostealer appeared first on Microsoft Security Blog.