Microsoft Rolls Out Scalable Cybersecurity Playbook with SFI Patterns
Microsoft’s Secure Future Initiative (SFI) offers structured cybersecurity guidance to help organizations address complex challenges with proven security strategies.
Microsoft
‘Ghost Calls’ Attack Exploits Web Conferencing as Hidden Command-and-Control Channel
Security researchers have unveiled a sophisticated new attack technique called “Ghost Calls” that exploits popular web conferencing platforms to establish covert command-and-control (C2) channels, effectively turning trusted business commun…
New Microsoft Exchange Server Vulnerability Allows Unauthorized Admin Privilege Escalation
Microsoft has disclosed a high-severity security vulnerability affecting Exchange Server hybrid deployments that could allow attackers with administrative access to escalate privileges and potentially compromise an organization’s entire cloud and…
Microsoft Paid Out $17 Million in Bug Bounties in Past Year
Microsoft handed out $17 million in rewards to 344 security researchers through its bug bounty programs over the past year.
The post Microsoft Paid Out $17 Million in Bug Bounties in Past Year appeared first on SecurityWeek.
‘A million calls an hour’: Israel relying on Microsoft cloud for expansive surveillance of Palestinians
Revealed: The Israeli military undertook an ambitious project to store a giant trove of Palestinians’ phone calls on Microsoft’s servers in EuropeOne afternoon in late 2021, Microsoft’s chief executive, Satya Nadella, met with the commander of Israel’s…
AI Beats Hackers to a Zero-Day Cybersecurity Discovery, Twice
AI prevented real-world cyberattacks before they began. Can AI continue to beat human threat actors to zero-day vulnerabilities?
Microsoft Launches Zero-Day Quest Hacking Contest with Rewards Up to $5 Million
Microsoft has unveiled the return of its groundbreaking Zero Day Quest initiative, escalating the stakes in cybersecurity research with a staggering total bounty pool of up to $5 million. Building on the success of last year’s inaugural event, wh…
Project Ire: Microsoft’s autonomous malware detection AI agent
Microsoft is working on a AI agent whose main goal is autonomous malware detection and the prototype – dubbed Project Ire – is showing great potential, the company has announced on Tuesday. Tested on a dataset of known malicious and benign …
Microsoft’s Project Ire Autonomously Reverse Engineers Software to Find Malware
Microsoft has unveiled Project Ire, a prototype autonomous AI agent that can analyze any software file to determine if it’s malicious.
The post Microsoft’s Project Ire Autonomously Reverse Engineers Software to Find Malware appeared first on Secu…
Hackers Target SharePoint Flaw to Access IIS Machine Keys
Zero-day exploits against Microsoft SharePoint are enabling attackers to extract IIS machine keys, establishing persistent backdoors that survive patches and reboots. In mid-July 2025, threat actors began abusing two critical SharePoint vulnerabilities…