Microsoft Security Blog

Microsoft Security Blog Expert coverage of cybersecurity topics

  • Securing agentic AI: Your guide to the Microsoft Ignite sessions catalog
    by Microsoft Security Team on 9 October 2025 at 4:00 pm

    ​Security is a core focus at Microsoft Ignite 2025, reflected in dedicated sessions and hands-on experiences designed for security professionals and leaders. Take a look at the session catalog. The post Securing agentic AI: Your guide to the Microsoft Ignite sessions catalog appeared first on Microsoft Security Blog.

  • Investigating targeted “payroll pirate” attacks affecting US universities
    by Microsoft Threat Intelligence on 9 October 2025 at 3:00 pm

    Microsoft Threat Intelligence has identified a financially motivated threat actor that we track as Storm-2657 compromising employee accounts to gain unauthorized access to employee profiles and divert salary payments to attacker-controlled accounts, attacks that have been dubbed “payroll pirate”. The post Investigating targeted “payroll pirate” attacks affecting US universities appeared first on Microsoft Security Blog.

  • Disrupting threats targeting Microsoft Teams
    by Microsoft Threat Intelligence on 7 October 2025 at 5:00 pm

    Threat actors seek to abuse Microsoft Teams features and capabilities across the attack chain, underscoring the importance for defenders to proactively monitor, detect, and respond effectively. In this blog, we recommend countermeasures and optimal controls across identity, endpoints, data apps, and network layers to help strengthen protection for enterprise Teams users. The post Disrupting threats targeting Microsoft Teams appeared first on Microsoft Security Blog.

  • New Microsoft Secure Future Initiative (SFI) patterns and practices: Practical guides to strengthen security
    by Hammad Rajjoub on 7 October 2025 at 4:00 pm

    Microsoft Secure Future Initiative (SFI) patterns and practices are practical, actionable, insights from practitioners for practitioners based on Microsoft’s implementation of Zero Trust through the Microsoft Secure Future Initiatives. By adopting these patterns, organizations can accelerate their security maturity, reduce implementation friction, and build systems that are more secure by design, default, and in operation.   The post New Microsoft Secure Future Initiative (SFI) patterns and practices: Practical guides to strengthen security appeared first on Microsoft Security Blog.

  • Inside Microsoft Threat Intelligence: Calm in the chaos
    by Elliot Volkman on 6 October 2025 at 9:00 pm

    Incident response is never orderly. Threat actors don’t wait. Environments are compromised. Data is missing. Confidence is shaken. But for Microsoft’s Incident Response (IR) team, that chaos is exactly where the work begins. The post Inside Microsoft Threat Intelligence: Calm in the chaos appeared first on Microsoft Security Blog.