Skip to main content
Microsoft Security

Microsoft Security Blog

Midnight Blizzard: Guidance for responders on nation-state attack 

The Microsoft security team detected a nation-state attack on our corporate systems on January 12, 2024, and immediately activated our response process to investigate, disrupt malicious activity, mitigate the attack, and deny the threat actor further access. The Microsoft Threat Intelligence investigation identified the threat actor as Midnight Blizzard, the Russian state-sponsored actor also known as NOBELIUM.

Retain Microsoft Security Experts

Microsoft Security Experts are now available to strengthen your team with managed security services. Learn how to defend against threats with security experts.

New TTPs observed in Mint Sandstorm campaign targeting high-profile individuals at universities and research orgs 

Since November 2023, Microsoft has observed a distinct subset of Mint Sandstorm (PHOSPHORUS) targeting high-profile individuals working on Middle Eastern affairs at universities and research organizations in Belgium, France, Gaza, Israel, the United Kingdom, and the United States. In this campaign, the threat actor used bespoke phishing lures in an attempt to socially engineer targets into downloading malicious files.

How Strata Identity and Microsoft Entra ID solve identity challenges in mergers and acquisitions 

Along with every merger and acquisition between two companies comes the need to combine and strengthen their IT infrastructure. There is an immediate and profound impact on the identity and access management postures of both companies. Learn how to protect your organization with Strata Identity and Microsoft Entra ID.

Patching Perforce perforations: Critical RCE vulnerability discovered in Perforce Helix Core Server 

Four new unauthenticated remotely exploitable security vulnerabilities discovered in the popular source code management platform Perforce Helix Core Server have been remediated after being responsibly disclosed by Microsoft. Perforce Server customers are strongly urged to update to version 2023.1/2513900.