Mastodawn

Urgent: 80,000+ Microsoft Entra ID accounts targeted in active takeover campaign. #MicrosoftSecurity #Cybersecurity #AccountTakeover

More details: https://www.helpnetsecurity.com/2025/06/12/researchers-warn-of-ongoing-entra-id-account-takeover-campaign - https://www.flagthis.com/news/16683

flagthis 4d ago

Microsoft's June Patch Tuesday addresses 67 vulnerabilities, including 10 critical ones; one already exploited. #PatchTuesday #MicrosoftSecurity #Cybersecurity

More details: https://cyberscoop.com/microsoft-patch-tuesday-june-2025/ - https://www.flagthis.com/news/16554

techi Jun 3

Big Tech Unites to End Hacker Name Chaos with Unified Cyber Glossary.

Microsoft, Google, Crowd Strike, and Palo Alto Networks are building a shared glossary of hacker group names to cut alias confusion and boost global cyber threat coordination.

#CyberSecurity
#HackerGlossary
#ThreatIntel
#MicrosoftSecurity
#GoogleCybersecurity
#CrowdStrike
#PaloAltoNetworks
#APTGroups

Read Full article from here : https://www.techi.com/tech-giants-unite-cyber-threat-glossary-simplify-hacker-names/

Andreas Klopsch May 27

🔍 New Threat Actor Alert: Void Blizzard

Microsoft Threat Intelligence has identified Void Blizzard—a newly observed Russia-affiliated threat actor engaged in cyberespionage across critical sectors including government, defense, healthcare, transportation, media, and NGOs, especially in Europe and North America.

🛡️ Stay vigilant. Read the full analysis from Microsoft:

https://www.microsoft.com/en-us/security/blog/2025/05/27/new-russia-affiliated-actor-void-blizzard-targets-critical-sectors-for-espionage/

#Cybersecurity #ThreatIntelligence #VoidBlizzard #Phishing #CyberEspionage #MicrosoftSecurity

New Russia-affiliated actor Void Blizzard targets critical sectors for espionage | Microsoft Security Blog

Microsoft Threat Intelligence has discovered a cluster of worldwide cloud abuse activity conducted by a threat actor we track as Void Blizzard, who we assess with high confidence is Russia-affiliated and has been active since at least April 2024. Void Blizzard’s cyberespionage operations tend to be highly targeted at specific organizations of interest to Russia, including in government, defense, transportation, media, non-governmental organizations (NGOs), and healthcare sectors primarily in Europe and North America.

Microsoft Security Blog

flagthis May 15

Microsoft's Patch Tuesday fixes 78 vulnerabilities, including 5 actively exploited zero-days. #PatchTuesday #MicrosoftSecurity #Cybersecurity

More details: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-30400 - https://www.flagthis.com/news/15010

Security Update Guide - Microsoft Security Response Center

Brian Greenberg

Apr 30

🔐 Microsoft’s April 2025 update to the Cybersecurity Reference Architecture (MCRA) is a must-read for security leaders.

This comprehensive guide offers:
🧠 Expanded role of Security Copilot beyond traditional SecOps
🔑 Integration of Entra Verified ID and passkeys for enhanced identity management
📊 Transition from Secure Score to Exposure Management for better risk assessment
📈 Updated threat intelligence processing over 78 trillion signals daily

The MCRA serves as a blueprint for implementing Zero Trust principles across diverse environments, including multicloud, IoT, and operational technology.
#CyberSecurity #ZeroTrust #MCRA #MicrosoftSecurity #security #privacy #cloud #infosec
https://learn.microsoft.com/en-us/security/adoption/mcra

Microsoft Cybersecurity Reference Architectures (MCRA)

Detailed technical reference architectures for multicloud cybersecurity including Microsoft and third party platforms

Foresight Cyber Apr 23

🔒 Microsoft’s April 2025 Patch Tuesday is here — and it’s a big one.

This month, 134 vulnerabilities were addressed, including an actively exploited zero-day. Critical fixes targeted Remote Procedure Call (RPC), Microsoft Dynamics 365, and the Windows Print Spooler service.

📌 Key highlights:
⚠️ 1 actively exploited zero-day vulnerability
🛡️ Major updates for Windows, DNS Server, SQL Server, and Dynamics 365
🆕 Announcement of Windows Autopatch, an automated update service for enterprise environments

Cyber hygiene starts with timely patching — make sure your environments are up to date! #CyberSecurity #PatchTuesday #InfoSec #MicrosoftSecurity #VulnerabilityManagement

flagthis Apr 14

Microsoft strengthens Exchange & SharePoint server security via AMSI integration, thwarting recent attacks. #Cybersecurity #MicrosoftSecurity #ServerSecurity

More details: https://www.microsoft.com/en-us/security/blog/2025/04/09/stopping-attacks-against-on-premises-exchange-server-and-sharepoint-server-with-amsi - https://www.flagthis.com/news/12911

Stopping attacks against on-premises Exchange Server and SharePoint Server with AMSI | Microsoft Security Blog

Exchange Server and SharePoint Server are business-critical assets and considered crown-jewels for many organizations, making them attractive targets for attacks. To help customers protect their environments and respond to these attacks, Exchange Server and SharePoint Server integrated Windows Antimalware Scan Interface (AMSI), providing an essential layer of protection by preventing harmful web requests from reaching backend endpoints. The blog outlines several attacks prevented by AMSI integration and highlights recent enhancements. The blog also provides protection and mitigation guidance and how defenders can respond.

Microsoft Security Blog