ZDNet

CISA: Here's how to apply this key Windows patch without breaking certificate authentication

The Cybersecurity & Infrastructure Security Agency (CISA) is now advising federal agencies and others to patch a Windows flaw from Microsoft's May Patch Tuesday. CISA has re-added the Windows flaw CVE ...
TechCrunch

Microsoft lost its keys, and the government got hacked

Microsoft still doesn’t know — or want to share — how China-backed hackers stole a key that allowed them to stealthily break into dozens of email inboxes, including those belonging to several federal ...
CRN

Microsoft Cloud Breach: 5 Key Findings From Wiz

The recent compromise of Microsoft cloud email accounts is troubling for a number of reasons, including the fact that multiple U.S. government agencies were among the victims of the China-linked hack.
ZDNet

Microsoft: Hackers are using this 'concerning' tactic to dodge multi-factor authentication

Microsoft has outlined several mitigations to protect against attacks on multi-factor authentication that will unfortunately make life more difficult for your remote workers. Three years ago, attacks ...
Bleeping Computer

Microsoft still unsure how hackers stole MSA key in 2023 Exchange attack

The U.S. Department of Homeland Security's Cyber Safety Review Board (CSRB) has released a scathing report on how Microsoft handled its 2023 Exchange Online attack, warning that the company needs to ...
Wired

The Comedy of Errors That Let China-Backed Hackers Steal Microsoft’s Signing Key

Microsoft said in June that a China-backed hacking group had stolen a cryptographic key from the company's systems. This key allowed the attackers to access cloud-based Outlook email systems for 25 ...