SEARCH
Archive
After Backlash, Microsoft Recall Will be Disabled by Default
Microsoft said the controversial Copilot Plus PC Recall feature will no longer be enabled by default after backlash from security and privacy experts.
Researchers Warn of Potential Abuse of Azure Service Tags
Tenable researchers discovered a technique for abusing Azure service tags to bypass firewall rules and Microsoft has issued new guidance for customers.
Russian Group Forest Blizzard Deploying GooseEgg Tool to Exploit CVE-2022-38028
A Russian threat group known as Forest Blizzard has been using a custom tool called GooseEgg to exploit a Windows Print Spooler (CVE-2022-38028) for several years.
CISA Emergency Directive Orders Mitigations After Microsoft Breach
The U.S. government has made public an emergency directive that it issued last week for federal agencies, ordering them to take various mitigation measures after Microsoft's compromise last year.
CSRB: Microsoft Should Refocus on Security After Cloud Intrusion
The Cyber Safety Review Board cited a string of internal failures in Microsoft's security culture as contributing factors for the 2023 compromise of more than 20 customers' cloud email inboxes by a Chinese threat group.