Microsoft unveils Microsoft Security Copilot agents and new protections for AI
Learn about the upcoming availability of Microsoft Security Copilot agents and other new offerings for a more secure AI future.
Latest posts
Transforming security with Microsoft Security Exposure Management initiatives
Microsoft Secure Score is important, but the increasing sophistication of security requirements has driven the development of more comprehensive security initiatives using Microsoft Security Exposure Management.
Explore how to secure AI by attending our Learn Live Series
Register to attend one or all our Learn Live sessions to learn how to secure your environment for AI adoption.
The ultimate guide to Microsoft Security at RSAC 2025
For RSAC 2025, Microsoft Security is bringing an exciting lineup of sessions, expert panels, and exclusive networking opportunities to empower security professionals in the era of AI.
Stopping attacks against on-premises Exchange Server and SharePoint Server with AMSI
Exchange Server and SharePoint Server are business-critical assets and considered crown-jewels for many organizations, making them attractive targets for attacks. To help customers protect their environments and respond to these attacks, Exchange Server and SharePoint Server integrated Windows Antimalware Scan Interface (AMSI), providing an essential layer of protection by preventing harmful web requests from reaching backend endpoints. The blog outlines several attacks prevented by AMSI integration and highlights recent enhancements. The blog also provides protection and mitigation guidance and how defenders can respond.
Retain Microsoft Security Experts
Microsoft Security Experts are now available to strengthen your team with managed security services. Learn how to defend against threats with security experts.
How cyberattackers exploit domain controllers using ransomware
Read how cyberattackers exploit domain controllers to gain privileged system access where they deploy ransomware that causes widespread damage and operational disruption.
Exploitation of CLFS zero-day leads to ransomware activity
Microsoft Threat Intelligence Center (MSTIC) and Microsoft Security Response Center (MSRC) have discovered post-compromise exploitation of a newly discovered zero-day vulnerability in the Windows Common Log File System (CLFS) against a small number of targets. Microsoft released security updates to address the vulnerability, tracked as CVE 2025-29824, on April 8, 2025.
Meet the Deputy CISOs who help shape Microsoft’s approach to cybersecurity
Meet the minds behind how Microsoft prioritizes cybersecurity across every team and employee. Three deputy CISOs share their experiences in cybersecurity and how they are redefining protection.
Tech Accelerator: Azure security and AI adoption
During the Tech Accelerator event on April 22, 2025, you will learn how to leverage Microsoft security guidance, products, and tooling throughout your cloud journey.
Modernize your Security Operations Center with Microsoft Sentinel
Microsoft Sentinel is a cloud-native SIEM solution powered by AI and automation that delivers intelligent security analytics across your entire enterprise.
Threat actors leverage tax season to deploy tax-themed phishing campaigns
As Tax Day approaches in the United States on April 15, Microsoft has detected several tax-themed phishing campaigns employing various tactics. These campaigns use malicious hyperlinks and attachments to deliver credential phishing and malware including RaccoonO365, AHKBot, Latrodectus, BruteRatel C4 (BRc4), and Remcos.
Transforming public sector security operations in the AI era
Read how Microsoft’s unified security operations platform can use generative AI to transform cybersecurity for the public sector.
Analyzing open-source bootloaders: Finding vulnerabilities faster with AI
Using Microsoft Security Copilot to expedite the discovery process, Microsoft has uncovered several vulnerabilities in multiple open-source bootloaders impacting all operating systems relying on Unified Extensible Firmware Interface (UEFI) Secure Boot. Through a series of prompts, we identified and refined security issues, ultimately uncovering an exploitable integer overflow vulnerability in the GRUB2, U-boot, and Barebox bootloaders.
New innovations in Microsoft Purview for protected, AI-ready data
Microsoft Purview delivers a comprehensive set of solutions that help customers seamlessly secure and confidently activate data in the era of AI.