#microsoftsecurity — Public Fediverse posts

https://winbuzzer.com/2026/05/21/microsoft-alert-emails-abused-to-deliver-scam-links-xcxwbn/

Scammers are abusing Microsoft's trusted account-notification email channel to send spam or phishing links that can look like legitimate Microsoft alerts.

#MicrosoftAccount #Microsoft #Cybersecurity #Cybercrime #PhishingAttacks #MicrosoftSecurity #ExchangeOnline

AI-powered defense for an AI-accelerated threat landscape https://www.yayafa.com/2799125/ #AgenticAi #AI #ArtificialGeneralIntelligence #ArtificialIntelligence #Copilot #Microsoft #MicrosoftAI #MicrosoftCopilot #MicrosoftDefender #MicrosoftSecurity #エージェント型AI #人工知能 #汎用人工知能

Protect your business data with smarter security strategies! 🔐 Learn how sensitivity labels and data protection policies help safeguard confidential information, ensure compliance, and reduce risks across your organization. Discover practical insights to strengthen your Microsoft security framework and improve governance.
Read the full blog now : https://www.exinent.com/sensitivity-labels-data-protection-policies/
#Exinent #DataProtection #CyberSecurity #MicrosoftSecurity #InformationSecurity #Compliance #CloudSecurity #SensitivityLabels

https://winbuzzer.com/2026/04/10/fbi-disrupts-russian-dns-hijack-network-targeting-microsoft-xcxwbn/

FBI Disrupts Russian DNS Hijack Network Targeting Microsoft 365

#Microsoft #Microsoft365 #Russia #Routers #Cybersecurity #CyberThreats #Malware #Cyberespionage #Hackers #MicrosoftSecurity #ThreatActors #Hacking #SecurityThreats #Authentication #Cyberattacks

https://winbuzzer.com/2026/04/10/fbi-disrupts-russian-dns-hijack-network-targeting-microsoft-xcxwbn/

FBI Disrupts Russian DNS Hijack Network Targeting Microsoft 365

#Microsoft #Microsoft365 #Russia #Routers #Cybersecurity #CyberThreats #Malware #Cyberespionage #Hackers #MicrosoftSecurity #ThreatActors #Hacking #SecurityThreats #Authentication #Cyberattacks

https://winbuzzer.com/2026/04/10/fbi-disrupts-russian-dns-hijack-network-targeting-microsoft-xcxwbn/

FBI Disrupts Russian DNS Hijack Network Targeting Microsoft 365

#Microsoft #Microsoft365 #Russia #Routers #Cybersecurity #CyberThreats #Malware #Cyberespionage #Hackers #MicrosoftSecurity #ThreatActors #Hacking #SecurityThreats #Authentication #Cyberattacks

https://winbuzzer.com/2026/04/10/fbi-disrupts-russian-dns-hijack-network-targeting-microsoft-xcxwbn/

FBI Disrupts Russian DNS Hijack Network Targeting Microsoft 365

#Microsoft #Microsoft365 #Russia #Routers #Cybersecurity #CyberThreats #Malware #Cyberespionage #Hackers #MicrosoftSecurity #ThreatActors #Hacking #SecurityThreats #Authentication #Cyberattacks

https://winbuzzer.com/2026/04/10/fbi-disrupts-russian-dns-hijack-network-targeting-microsoft-xcxwbn/

FBI Disrupts Russian DNS Hijack Network Targeting Microsoft 365

#Microsoft #Microsoft365 #Russia #Routers #Cybersecurity #CyberThreats #Malware #Cyberespionage #Hackers #MicrosoftSecurity #ThreatActors #Hacking #SecurityThreats #Authentication #Cyberattacks

クラウド環境の破壊型サイバー攻撃に備えるために Microsoft Entra ID のネイティブバックアップを試してみる
https://qiita.com/hirotomotaguchi/items/e92b4c5c5c2c9dfa4c7b?utm_campaign=popular_items&utm_medium=feed&utm_source=popular_items

#qiita #Azure #Microsoft365 #EntraID #MicrosoftEntra #MicrosoftSecurity

クラウド環境の破壊型サイバー攻撃に備えるために Microsoft Entra ID のネイティブバックアップを試してみる
https://qiita.com/hirotomotaguchi/items/e92b4c5c5c2c9dfa4c7b?utm_campaign=popular_items&utm_medium=feed&utm_source=popular_items

#qiita #Azure #Microsoft365 #EntraID #MicrosoftEntra #MicrosoftSecurity

https://winbuzzer.com/2026/03/11/microsoft-entra-passkeys-windows-phishing-resistant-sign-in-xcxwbn/

Microsoft Entra Passkeys Bring Phishing-Resistant Windows Sign-In

#Microsoft #MicrosoftEntra #MicrosoftEntraID #Cybersecurity #Authentication #Passwordless #CloudSecurity #MicrosoftSecurity #WindowsSecurity #Microsoft365 #EntraPasskeys

https://winbuzzer.com/2026/03/11/microsoft-entra-passkeys-windows-phishing-resistant-sign-in-xcxwbn/

Microsoft Entra Passkeys Bring Phishing-Resistant Windows Sign-In

#Microsoft #MicrosoftEntra #MicrosoftEntraID #Cybersecurity #Authentication #Passwordless #CloudSecurity #MicrosoftSecurity #WindowsSecurity #Microsoft365 #EntraPasskeys

https://winbuzzer.com/2026/03/11/microsoft-entra-passkeys-windows-phishing-resistant-sign-in-xcxwbn/

Microsoft Entra Passkeys Bring Phishing-Resistant Windows Sign-In

#Microsoft #MicrosoftEntra #MicrosoftEntraID #Cybersecurity #Authentication #Passwordless #CloudSecurity #MicrosoftSecurity #WindowsSecurity #Microsoft365 #EntraPasskeys

https://winbuzzer.com/2026/03/11/microsoft-entra-passkeys-windows-phishing-resistant-sign-in-xcxwbn/

Microsoft Entra Passkeys Bring Phishing-Resistant Windows Sign-In

#Microsoft #MicrosoftEntra #MicrosoftEntraID #Cybersecurity #Authentication #Passwordless #CloudSecurity #MicrosoftSecurity #WindowsSecurity #Microsoft365 #EntraPasskeys

https://winbuzzer.com/2026/03/11/microsoft-entra-passkeys-windows-phishing-resistant-sign-in-xcxwbn/

Microsoft Entra Passkeys Bring Phishing-Resistant Windows Sign-In

#Microsoft #MicrosoftEntra #MicrosoftEntraID #Cybersecurity #Authentication #Passwordless #CloudSecurity #MicrosoftSecurity #WindowsSecurity #Microsoft365 #EntraPasskeys

https://winbuzzer.com/2026/02/09/microsoft-exchange-online-flags-legitimate-emails-phishing-xcxwbn/

Microsoft Exchange Online Falsely Flags Legitimate Emails as Phishing

#ExchangeOnline #Microsoft #Cybersecurity #Security #MicrosoftExchange #PhishingAttacks #BigTech #Email #MicrosoftSecurity #Cloud #Phishing #MicrosoftCloud

https://winbuzzer.com/2026/02/09/microsoft-exchange-online-flags-legitimate-emails-phishing-xcxwbn/

Microsoft Exchange Online Falsely Flags Legitimate Emails as Phishing

#ExchangeOnline #Microsoft #Cybersecurity #Security #MicrosoftExchange #PhishingAttacks #BigTech #Email #MicrosoftSecurity #Cloud #Phishing #MicrosoftCloud

https://winbuzzer.com/2026/02/09/microsoft-exchange-online-flags-legitimate-emails-phishing-xcxwbn/

Microsoft Exchange Online Falsely Flags Legitimate Emails as Phishing

#ExchangeOnline #Microsoft #Cybersecurity #Security #MicrosoftExchange #PhishingAttacks #BigTech #Email #MicrosoftSecurity #Cloud #Phishing #MicrosoftCloud

https://winbuzzer.com/2026/02/09/microsoft-exchange-online-flags-legitimate-emails-phishing-xcxwbn/

Microsoft Exchange Online Falsely Flags Legitimate Emails as Phishing

#ExchangeOnline #Microsoft #Cybersecurity #Security #MicrosoftExchange #PhishingAttacks #BigTech #Email #MicrosoftSecurity #Cloud #Phishing #MicrosoftCloud

https://winbuzzer.com/2026/02/09/microsoft-exchange-online-flags-legitimate-emails-phishing-xcxwbn/

Microsoft Exchange Online Falsely Flags Legitimate Emails as Phishing

#ExchangeOnline #Microsoft #Cybersecurity #Security #MicrosoftExchange #PhishingAttacks #BigTech #Email #MicrosoftSecurity #Cloud #Phishing #MicrosoftCloud

RE: https://infosec.exchange/@franklesniak/115572191076370399

#ActiveDirectory #EntraID #IdentityManagement #AccessManagement #IdentitySecurity #ZeroTrust #GroupPolicy #ConditionalAccess #PrivilegedIdentity #PrivilegedIdentityManagement #PrivilegedAccessManagement #MicrosoftSecurity #PingCastle #PurpleKnight #Maester #DigitalIdentity

RE: https://infosec.exchange/@franklesniak/115572191076370399

#ActiveDirectory #EntraID #IdentityManagement #AccessManagement #IdentitySecurity #ZeroTrust #GroupPolicy #ConditionalAccess #PrivilegedIdentity #PrivilegedIdentityManagement #PrivilegedAccessManagement #MicrosoftSecurity #PingCastle #PurpleKnight #Maester #DigitalIdentity

RE: https://infosec.exchange/@franklesniak/115572191076370399

#ActiveDirectory #EntraID #IdentityManagement #AccessManagement #IdentitySecurity #ZeroTrust #GroupPolicy #ConditionalAccess #PrivilegedIdentity #PrivilegedIdentityManagement #PrivilegedAccessManagement #MicrosoftSecurity #PingCastle #PurpleKnight #Maester #DigitalIdentity

RE: https://infosec.exchange/@franklesniak/115572191076370399

#ActiveDirectory #EntraID #IdentityManagement #AccessManagement #IdentitySecurity #ZeroTrust #GroupPolicy #ConditionalAccess #PrivilegedIdentity #PrivilegedIdentityManagement #PrivilegedAccessManagement #MicrosoftSecurity #PingCastle #PurpleKnight #Maester #DigitalIdentity

Microsoft is retiring Defender Application Guard, and now it's time for a security reboot. Discover how layered defenses like ASR rules, WDAC, and Zero Trust are stepping up to keep your data safe in a new era of cyber threats.

https://thedefendopsdiaries.com/strengthening-security-after-defender-application-guard-retirement-microsoft-recommended-alternatives/

#defenderapplicationguard
#microsoftsecurity
#attackreduction
#zerotrust
#cloudappsecurity

Microsoft Edge Now Syncs Passkeys Across Windows Devices, Bolstering Passwordless Push

#Microsoft #MicrosoftEdge #Passkeys #Cybersecurity #Passwordless #Windows11 #Authentication #DigitalIdentity #Privacy #MicrosoftSecurity #BigTech

https://winbuzzer.com/2025/11/04/microsoft-edge-now-syncs-passkeys-across-windows-devices-bolstering-passwordless-push-xcxwbn

Sentinel Saturday!

🏷️ Tag and Track Incidents with Custom Incident Labels

Keeping your SOC organised can be tough, especially when multiple analysts are tackling dozens of incidents at once or if you are managing an MSSP.

This week’s #SentinelSaturday covers how custom incident labels in Microsoft Sentinel can bring order to the chaos. From tracking investigation stages to grouping related threats, labels are a simple way to improve visibility, collaboration, and reporting.

👉 Check out the post, try adding meaningful labels to your own incidents, and see how it transforms your workflow. https://marshsecurity.org/sentinel-saturdays-tag-and-track-incidents-with-custom-incident-labels/

💬 How do you label and categorise incidents in your environment? Drop your ideas in the comments. Let’s share what works for our own environments!

🔁 If you find this helpful, give it a like or share it with your Sentinel team.
#MicrosoftSentinel #SentinelSaturdays #CyberSecurity #SOC #ThreatDetection #IncidentResponse #MicrosoftSecurity

Overlooked WSUS configurations could be your network's Achilles' heel—hackers can seize SYSTEM-level control with zero user input. Microsoft's rapid patch is out. Is your server safe?

https://thedefendopsdiaries.com/critical-wsus-vulnerability-cve-2025-59287-immediate-action-required-to-prevent-network-wide-attacks/

#wsus
#cve202559287
#windowsserver
#remotecodeexecution
#cybersecurity
#patchmanagement
#networksecurity
#microsoftsecurity
#zeroday

One click in File Explorer could have given hackers access to your credentials—until Microsoft's new update shut it down. Curious how this simple tweak is tightening Windows security?

https://thedefendopsdiaries.com/microsoft-disables-file-explorer-preview-pane-for-downloads-to-block-ntlm-credential-theft/

#microsoftsecurity
#ntlmtheft
#windowsupdate
#credentialprotection
#cyberthreats

🚨 CISA Updates KEV Catalog – 5 New Vulnerabilities Added
Actively exploited vulnerabilities now include Apple, Microsoft SMB Client, Oracle E-Business SSRF, and Kentico Xperience servers.

💡 Timely remediation is essential to protect enterprise networks. KEV Catalog prioritization should be part of your vulnerability management program.

💬 How is your organization implementing KEV patches? Comment & follow TechNadu for continuous cyber alerts.

#CyberSecurity #CISA #KEVCatalog #ZeroDay #PatchManagement #VulnerabilityManagement #MicrosoftSecurity

🚨 CISA Updates KEV Catalog – 5 New Vulnerabilities Added
Actively exploited vulnerabilities now include Apple, Microsoft SMB Client, Oracle E-Business SSRF, and Kentico Xperience servers.

💡 Timely remediation is essential to protect enterprise networks. KEV Catalog prioritization should be part of your vulnerability management program.

💬 How is your organization implementing KEV patches? Comment & follow TechNadu for continuous cyber alerts.

#CyberSecurity #CISA #KEVCatalog #ZeroDay #PatchManagement #VulnerabilityManagement #MicrosoftSecurity

🚨 CISA Updates KEV Catalog – 5 New Vulnerabilities Added
Actively exploited vulnerabilities now include Apple, Microsoft SMB Client, Oracle E-Business SSRF, and Kentico Xperience servers.

💡 Timely remediation is essential to protect enterprise networks. KEV Catalog prioritization should be part of your vulnerability management program.

💬 How is your organization implementing KEV patches? Comment & follow TechNadu for continuous cyber alerts.

#CyberSecurity #CISA #KEVCatalog #ZeroDay #PatchManagement #VulnerabilityManagement #MicrosoftSecurity

ASP.NET Core's worst nightmare just became reality—a flaw so severe it lets attackers bypass your defenses and hijack sessions. Could your server be at risk?

https://thedefendopsdiaries.com/cve-2025-55315-the-highest-severity-aspnet-core-flaw-and-its-implications/

#cve202555315
#aspnetcore
#httprequestsmuggling
#websecurity
#microsoftsecurity

ASP.NET Core's worst nightmare just became reality—a flaw so severe it lets attackers bypass your defenses and hijack sessions. Could your server be at risk?

https://thedefendopsdiaries.com/cve-2025-55315-the-highest-severity-aspnet-core-flaw-and-its-implications/

#cve202555315
#aspnetcore
#httprequestsmuggling
#websecurity
#microsoftsecurity

ASP.NET Core's worst nightmare just became reality—a flaw so severe it lets attackers bypass your defenses and hijack sessions. Could your server be at risk?

https://thedefendopsdiaries.com/cve-2025-55315-the-highest-severity-aspnet-core-flaw-and-its-implications/

#cve202555315
#aspnetcore
#httprequestsmuggling
#websecurity
#microsoftsecurity

ASP.NET Core's worst nightmare just became reality—a flaw so severe it lets attackers bypass your defenses and hijack sessions. Could your server be at risk?

https://thedefendopsdiaries.com/cve-2025-55315-the-highest-severity-aspnet-core-flaw-and-its-implications/

#cve202555315
#aspnetcore
#httprequestsmuggling
#websecurity
#microsoftsecurity

Microsoft’s October update wasn’t just routine—it shut down 6 zero-day loopholes, with some already in play. And with free Windows 10 updates ending, the pressure is on. Is your system ready?

https://thedefendopsdiaries.com/microsoft-october-2025-patch-tuesday-six-zero-days-fixed-as-windows-10-support-ends/

#patchtuesday
#zeroday
#windows10
#cybersecurity
#microsoftsecurity

The God Mode Vulnerability That Should Kill "Trust Microsoft" Forever

https://tide.org/blog/god-mode-vulnerability-microsoft-authorityless-security

#HackerNews #GodMode #Vulnerability #TrustMicrosoft #CyberSecurity #MicrosoftSecurity #VulnerabilityAlert

The God Mode Vulnerability That Should Kill "Trust Microsoft" Forever

https://tide.org/blog/god-mode-vulnerability-microsoft-authorityless-security

#HackerNews #GodMode #Vulnerability #TrustMicrosoft #CyberSecurity #MicrosoftSecurity #VulnerabilityAlert

The God Mode Vulnerability That Should Kill "Trust Microsoft" Forever

https://tide.org/blog/god-mode-vulnerability-microsoft-authorityless-security

#HackerNews #GodMode #Vulnerability #TrustMicrosoft #CyberSecurity #MicrosoftSecurity #VulnerabilityAlert

The God Mode Vulnerability That Should Kill "Trust Microsoft" Forever

https://tide.org/blog/god-mode-vulnerability-microsoft-authorityless-security

#HackerNews #GodMode #Vulnerability #TrustMicrosoft #CyberSecurity #MicrosoftSecurity #VulnerabilityAlert

The God Mode Vulnerability That Should Kill "Trust Microsoft" Forever

https://tide.org/blog/god-mode-vulnerability-microsoft-authorityless-security

#HackerNews #GodMode #Vulnerability #TrustMicrosoft #CyberSecurity #MicrosoftSecurity #VulnerabilityAlert

Nederlandse Dirk-jan ontdekt cruciaal probleem in beveiliging Microsoft: https://www.rtl.nl/nieuws/economie/artikel/5529832/nederlandse-hacker-ontdekt-cruciaal-beveiligingsprobleem-bij

"Toegang tot mail, cloudopslag en servers van miljoenen bedrijven!
Ik kon zomaar namens hen handelen.." #MicrosoftSecurity #cybersafety

Microsoft Confirms ‘Last Update’ For 700 Million Windows Users

Microsoft confirms bad news for Windows users. Gado via Getty Images Republished on August 17 with a new…
#NewsBeep #News #Technology #CA #Canada #Microsoftsecurity #microsoftwarning #windows10endsupport #windows10esu #windows10vswindows11 #windows11freeupgrade #windowsattack #windowssecurity
https://www.newsbeep.com/ca/79304/

Do you want to quickly set up a full-fledged Microsoft Sentinel environment that is ready to use by customers speeding up deployment and initial configuration tasks in few clicks?

Try Microsoft Sentinel All-in-One v2: https://github.com/Azure/Azure-Sentinel/tree/master/Tools/Sentinel-All-In-One

https://techcommunity.microsoft.com/t5/microsoft-sentinel-blog/announcing-microsoft-sentinel-all-in-one-v2/ba-p/3800037

#microsoft #sentinel #microsoftsentinel #loganalytics #ueba #soc #siem #soar #azure #cloud #cloudsecurity #analytics #microsoftsecurity #microsoft365 #microsoftdefender #xdr #monitoring

Protect Office365 and Windows365 with Azure Firewall

"Traffic from the organization’s network to the required Office 365 endpoints should be managed and secured, which could be a time-consuming ongoing task. With the recent announcement of Azure Firewall integration with Office 365, you can now easily manage this traffic and leverage the firewall’s security features to secure it"

https://techcommunity.microsoft.com/t5/azure-network-security-blog/protect-office365-and-windows365-with-azure-firewall/ba-p/3824533

#azure #office365 #security #network #windows #azurefirewall #microsoftsecurity #microsoft #firewall #network #networksecurity #firewallpolicy #fqdn #cloudsecurity #cloudnetworking #soc #azurenetworksecurity

𝐄𝐱𝐩𝐥𝐨𝐫𝐢𝐧𝐠 𝐭𝐡𝐞 𝐧𝐞𝐰 𝐈𝐓𝐃𝐑 𝐞𝐱𝐩𝐞𝐫𝐢𝐞𝐧𝐜𝐞 𝐰𝐢𝐭𝐡𝐢𝐧 𝐌𝐢𝐜𝐫𝐨𝐬𝐨𝐟𝐭 𝐃𝐞𝐟𝐞𝐧𝐝𝐞𝐫

The new ITDR dashboard is designed to provide SOC professionals with a single, prioritized view of Identity-specific security information and recommendations.

For more information, see:

https://techcommunity.microsoft.com/t5/microsoft-defender-xdr-blog/identity-in-focus-exploring-the-new-itdr-experience-within/ba-p/4027129

#itdr #defender #defenderxdr #identity #security #microsoft #microsoftsecurity #mdi #entraid #azuread #Identitythreatdetection #cloud #cloudsecurity #soc #cloudnative

𝗦𝗶𝗺𝗽𝗹𝗶𝗳𝗶𝗲𝗱 𝗱𝗲𝗽𝗹𝗼𝘆𝗺𝗲𝗻𝘁 𝘄𝗶𝘁𝗵 𝗗𝗲𝗳𝗲𝗻𝗱𝗲𝗿 𝗳𝗼𝗿 𝗜𝗱𝗲𝗻𝘁𝗶𝘁𝘆

"Microsoft Defender for Identity is an essential part of a modern security practice, helping your organization protect against, and respond to, identity-based threats. In this blog we will show you the simple steps for deploying Microsoft Defender for Identity within your environment."

https://techcommunity.microsoft.com/t5/microsoft-365-defender-blog/simplified-deployment-with-defender-for-identity/ba-p/3966035

#defenderforidentity #mdi #microsoft #microsoftsecurity #defender #adfs #domaincontroller #activedirectory #itdr #azure #adfs #adcs #deployment

𝗠𝗶𝗰𝗿𝗼𝘀𝗼𝗳𝘁 𝗚𝗿𝗮𝗽𝗵 𝗔𝗰𝘁𝗶𝘃𝗶𝘁𝘆 𝗟𝗼𝗴 𝗶𝘀 𝗡𝗼𝘄 𝗔𝘃𝗮𝗶𝗹𝗮𝗯𝗹𝗲 𝗶𝗻 𝗣𝘂𝗯𝗹𝗶𝗰 𝗣𝗿𝗲𝘃𝗶𝗲𝘄

With Microsoft Graph Activity Logs, you can now investigate the complete picture of activity in your tenant – from token request in SignIn logs, to API request activity (reads, writes, and deletes) in Microsoft Graph Activity Logs, to ultimate resource changes in Audit logs.

https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/microsoft-graph-activity-log-is-now-available-in-public-preview/ba-p/3848269

#microsoft #entra #entraid #azuread #graph #microsoftgraph #log #idp #identity #azure #API #soc #itdr #security #cybersecurity #siem #soc #monitoring #loganalytics #sentinel #hunting #cyberthreat #identity #identityprovider #microsoftsecurity

𝐌𝐚𝐩 𝐂𝐨𝐧𝐭𝐚𝐢𝐧𝐞𝐫 𝐈𝐦𝐚𝐠𝐞𝐬 𝐟𝐫𝐨𝐦 𝐂𝐨𝐝𝐞 𝐭𝐨 𝐂𝐥𝐨𝐮𝐝 𝐰𝐢𝐭𝐡 𝐃𝐞𝐟𝐞𝐧𝐝𝐞𝐫 𝐟𝐨𝐫 𝐂𝐥𝐨𝐮𝐝

When a vulnerability is identified in a container image stored in a container registry or running in a Kubernetes cluster, it can be difficult for a security practitioner to trace back to the CI/CD pipeline that first built the container image and identify a developer remediation owner.

With DevOps security capabilities in Microsoft Defender Cloud Security Posture Management (CSPM), you can map your cloud-native applications from code to cloud to easily kick off developer remediation workflows and reduce the time to remediation of vulnerabilities in your container images.

https://techcommunity.microsoft.com/t5/microsoft-defender-for-cloud/bridging-the-gap-between-code-and-cloud-with-defender-for-cloud/ba-p/4042557

Details: https://learn.microsoft.com/en-us/azure/defender-for-cloud/container-image-mapping

#defender #cspm #CloudSecurityPostureManagement #devops #pipeline #codetocloud #container #vulnerabilities #Kubernetes #cnapp #cwpp #cloudnative #cloudsecurity #soc #microsoft #microsoftsecurity #azure #multicoud