Bleeping Computer

Microsoft Trusted Signing service abused to code-sign malware

Cybercriminals are abusing Microsoft's Trusted Signing platform to code-sign malware executables with short-lived three-day certificates. Threat actors have long sought after code-signing certificates ...
Bleeping Computer

Microsoft: Hackers steal emails in device code phishing attacks

An active campaign from a threat actor potentially linked to Russia is targeting Microsoft 365 accounts of individuals at organizations of interest using device code phishing. The targets are in the ...
ZDNet

Microsoft is changing the way you sign in - and it could be a security nightmare

Those of you who use a Microsoft account to sign in to Microsoft websites should be aware of an upcoming change that could put your security at risk. In a recent update to a support page on using a ...
Dark Reading

From Code Red to Rust: Microsoft's Security Journey

Microsoft is reflecting back on security lessons learned over the past 25 years. As one of the most targeted digital estates in the world, the company sees threats against its products up close every ...