Microsoft

Credit to Author: Joey Snow| Date: Wed, 30 Apr 2025 18:00:00 +0000

At Microsoft Build 2025, we’re bringing together security engineers, researchers, and developers to share practical tips and modern best practices to help you ship secure code faster.

The post 14 secure coding tips: Learn from the experts at Microsoft Build appeared first on Microsoft Security Blog.

Credit to Author: Maria Thomson| Date: Tue, 29 Apr 2025 15:00:00 +0000

Congratulations to the winners of the Microsoft Security Excellence Awards that recognize the innovative defenders who have gone above and beyond.

The post Microsoft announces the 2025 Security Excellence Awards winners appeared first on Microsoft Security Blog.

Credit to Author: Talal Alqinawi| Date: Mon, 28 Apr 2025 16:00:00 +0000

Secure, cloud-based endpoint management helps healthcare providers empower frontline staff and improve patient care.

The post Faster, more personalized service begins at the frontline with Microsoft Intune appeared first on Microsoft Security Blog.

Credit to Author: Raman Kalyan| Date: Fri, 25 Apr 2025 16:00:00 +0000

Microsoft presents best practices for securing data and optimizing Microsoft Purview implementation, emphasizing the integration of people, processes, and technology.

The post ​​Explore practical best practices to secure your data with Microsoft Purview​​ appeared first on Microsoft Security Blog.

Credit to Author: Microsoft Incident Response| Date: Mon, 10 Feb 2025 17:00:00 +0000

Find out how a cyberattack by Storm-2077 was halted faster because the Microsoft Incident Response team is both proactive and reactive at the same time.

The post Build a stronger security strategy with proactive and reactive incident response: Cyberattack Series appeared first on Microsoft Security Blog.

Credit to Author: Microsoft Threat Intelligence| Date: Thu, 06 Feb 2025 18:00:00 +0000

Microsoft Threat Intelligence observed limited activity by an unattributed threat actor using a publicly available, static ASP.NET machine key to inject malicious code and deliver the Godzilla post-exploitation framework. In the course of investigating, remediating, and building protections against this activity, we observed an insecure practice whereby developers have incorporated various publicly disclosed ASP.NET machine keys from publicly accessible resources, such as code documentation and repositories, which threat actors have used to launch ViewState code injection attacks and perform malicious actions on target servers.

The post Code injection attacks using publicly disclosed ASP.NET machine keys appeared first on Microsoft Security Blog.

Credit to Author: Benjamin Lim| Date: Mon, 03 Feb 2025 17:00:00 +0000

Security events offer a valuable opportunity to learn about the latest trends and solutions, evolve your skills for cyberthreats, and meet like-minded security professionals. See where you can meet Microsoft Security in 2025.

The post Hear from Microsoft Security experts at these top cybersecurity events in 2025 appeared first on Microsoft Security Blog.

Credit to Author: Joy Chik| Date: Tue, 28 Jan 2025 17:00:00 +0000

Adopting proactive defensive measures is the only way to get ahead of determined efforts to compromise identities and gain access to your environment.

The post 3 priorities for adopting proactive identity and access security in 2025 appeared first on Microsoft Security Blog.