Microsoft Defender for Endpoint – Experimental News Clipping Site

Microsoft Security Blog: Investigating active exploitation of CVE-2025-10035 GoAnywhere Managed File Transfer vulnerability

Oct 6, 2025

—

by

Source URL: https://www.microsoft.com/en-us/security/blog/2025/10/06/investigating-active-exploitation-of-cve-2025-10035-goanywhere-managed-file-transfer-vulnerability/ Source: Microsoft Security Blog Title: Investigating active exploitation of CVE-2025-10035 GoAnywhere Managed File Transfer vulnerability Feedly Summary: Storm-1175, a financially motivated actor known for deploying Medusa ransomware and exploiting public-facing applications for initial access, was observed exploiting the deserialization vulnerability in GoAnywhere MFT’s License Servlet, tracked as CVE-2025-10035. We are publishing this…

Microsoft Security Blog: XCSSET evolves again: Analyzing the latest updates to XCSSET’s inventory

Sep 25, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.microsoft.com/en-us/security/blog/2025/09/25/xcsset-evolves-again-analyzing-the-latest-updates-to-xcssets-inventory/ Source: Microsoft Security Blog Title: XCSSET evolves again: Analyzing the latest updates to XCSSET’s inventory Feedly Summary: Microsoft Threat Intelligence has uncovered a new variant of the XCSSET malware, which is designed to infect Xcode projects, typically used by software developers building Apple or macOS-related applications. The post XCSSET evolves again: Analyzing…

Microsoft Security Blog: Sploitlight: Analyzing a Spotlight-based macOS TCC vulnerability

Jul 28, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.microsoft.com/en-us/security/blog/2025/07/28/sploitlight-analyzing-a-spotlight-based-macos-tcc-vulnerability/ Source: Microsoft Security Blog Title: Sploitlight: Analyzing a Spotlight-based macOS TCC vulnerability Feedly Summary: Microsoft Threat Intelligence has discovered a macOS vulnerability, tracked as CVE-2025-31199, that could allow attackers to steal private data of files normally protected by Transparency, Consent, and Control (TCC), including the ability to extract and leak sensitive information…

Microsoft Security Blog: Microsoft is named a Leader in the 2025 Gartner® Magic Quadrant™ for Endpoint Protection Platforms

Jul 16, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.microsoft.com/en-us/security/blog/2025/07/16/microsoft-is-named-a-leader-in-the-2025-gartner-magic-quadrant-for-endpoint-protection-platforms/ Source: Microsoft Security Blog Title: Microsoft is named a Leader in the 2025 Gartner® Magic Quadrant™ for Endpoint Protection Platforms Feedly Summary: We are honored to be recognized once again as a Leader in the 2025 Gartner® Magic Quadrant™ for Endpoint Protection Platforms—our sixth consecutive year. The post Microsoft is named a…

Microsoft Security Blog: Protecting customers from Octo Tempest attacks across multiple industries

Jul 16, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.microsoft.com/en-us/security/blog/2025/07/16/protecting-customers-from-octo-tempest-attacks-across-multiple-industries/ Source: Microsoft Security Blog Title: Protecting customers from Octo Tempest attacks across multiple industries Feedly Summary: To help protect and inform customers, Microsoft highlights protection coverage across the Microsoft Defender security ecosystem to protect against threat actors like Octo Tempest. The post Protecting customers from Octo Tempest attacks across multiple industries appeared…

Microsoft Security Blog: How Microsoft Defender for Endpoint is redefining endpoint security

Jun 3, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.microsoft.com/en-us/security/blog/2025/06/03/how-microsoft-defender-for-endpoint-is-redefining-endpoint-security/ Source: Microsoft Security Blog Title: How Microsoft Defender for Endpoint is redefining endpoint security Feedly Summary: Learn why many CISOs prefer Microsoft Defender for Endpoint for comprehensive cyberthreat protection across devices and platforms. The post How Microsoft Defender for Endpoint is redefining endpoint security appeared first on Microsoft Security Blog. AI Summary…

Microsoft Security Blog: Analyzing CVE-2025-31191: A macOS security-scoped bookmarks-based sandbox escape

May 1, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.microsoft.com/en-us/security/blog/2025/05/01/analyzing-cve-2025-31191-a-macos-security-scoped-bookmarks-based-sandbox-escape/ Source: Microsoft Security Blog Title: Analyzing CVE-2025-31191: A macOS security-scoped bookmarks-based sandbox escape Feedly Summary: Microsoft uncovered a vulnerability in macOS that could allow specially crafted codes to escape the App Sandbox and run unrestricted on the system. We shared our findings with Apple and a fix was released for this vulnerability,…

Microsoft Security Blog: Stopping attacks against on-premises Exchange Server and SharePoint Server with AMSI

Apr 9, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.microsoft.com/en-us/security/blog/2025/04/09/stopping-attacks-against-on-premises-exchange-server-and-sharepoint-server-with-amsi/ Source: Microsoft Security Blog Title: Stopping attacks against on-premises Exchange Server and SharePoint Server with AMSI Feedly Summary: Exchange Server and SharePoint Server are business-critical assets and considered crown-jewels for many organizations, making them attractive targets for attacks. To help customers protect their environments and respond to these attacks, Exchange Server and…

Microsoft Security Blog: How cyberattackers exploit domain controllers using ransomware

Apr 9, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.microsoft.com/en-us/security/blog/2025/04/09/how-cyberattackers-exploit-domain-controllers-using-ransomware/ Source: Microsoft Security Blog Title: How cyberattackers exploit domain controllers using ransomware Feedly Summary: Read how cyberattackers exploit domain controllers to gain privileged system access where they deploy ransomware that causes widespread damage and operational disruption. The post How cyberattackers exploit domain controllers using ransomware appeared first on Microsoft Security Blog. AI…

Tag: Microsoft Defender for Endpoint