Bookmark this page to find information on trending security topics.
Microsoft Security Tips and Talk
Unable to display feed at this time.
Microsoft Malware Protection Center
- Browser security beyond sandboxing October 18, 2017Security is now a strong differentiator in picking the right browser. We all use browsers for day-to-day activities like staying in touch with loved ones, but also for editing sensitive private and corporate documents, and even managing our financial assets. A single compromise through a web browser can have catastrophic results. It doesn’t help that...
- Announcing the Windows Defender Advanced Threat Protection ISO 27001 audit assessment report September 27, 2017The security and privacy of customer data are our top priority. Our goals are simple: to operate our services with the security and privacy you expect from Microsoft, and to give you accurate assurances about our security and privacy practices. In line with our commitment to provide customers the utmost transparency, we have enhanced auditing...
- Exploit for CVE-2017-8759 detected and neutralized September 12, 2017The September 12, 2017 security updates from Microsoft include the patch for a previously unknown vulnerability exploited through Microsoft Word as an entry vector. Customers using Microsoft advanced threat solutions were already protected against this threat. The vulnerability, classified as CVE-2017-8759, was used in limited targeted attacks and reported t […]
- Ransomware 1H 2017 review: Global outbreaks reinforce the value of security hygiene September 6, 2017In the first six months of 2017, ransomware threats reached new levels of sophistication. The same period also saw the reversal of a six-month downward trend in ransomware encounters. New ransomware code was released at a higher rate with increasing complexity. Two high-profile ransomware incidents brought cybersecurity to the forefront of mainstream convers […]
- Microsoft to remove WoSign and StartCom certificates in Windows 10 August 8, 2017Microsoft has concluded that the Chinese Certificate Authorities (CAs) WoSign and StartCom have failed to maintain the standards required by our Trusted Root Program. Observed unacceptable security practices include back-dating SHA-1 certificates, mis-issuances of certificates, accidental certificate revocation, duplicate certificate serial numbers, and mult […]
Kapersky Lab Threat Post
- ‘IOTroop’ Botnet Could Dwarf Mirai in Size and Devastation, Says Researcher October 20, 2017Malware dubbed IOTroop that researchers say is "worse than Mirai" has already infected one million businesses worldwide.
- Necurs-Based DDE Attacks Now Spreading Locky Ransomware October 20, 2017Researchers have spotted Locky ransomware infections emanating from the Necurs botnet via Word attachments using a DDE technique that Microsoft says is an Office feature and does not merit a security patch.
- Threatpost News Wrap, Oct. 20, 2017 October 20, 2017This week's Threatpost News Wrap Podcast recaps the ROCA, KRACK and Boundhook attacks, as well as the release of Google Advanced Protection for Gmail.
- Cisco Warns 69 Products Impacted by KRACK October 20, 2017Cisco patched a critical bug in its Cloud Services Platform 2100 hardware and at the same time told customers 96 of its products are vulnerable to KRACK vulnerabilities.
- Google Play Bounty Promises $1,000 Rewards for Flaws in Popular Apps October 19, 2017Google announced a public bug bounty for Google Play that brings developers and researchers together to find and patch flaws in popular apps.