microsoft
Safeguard articles tagged "microsoft" — guides, analysis, and best practices for software supply chain and application security.
16 articles
Midnight Blizzard Breaches Microsoft: What the Exchange Online Attack Means for Everyone
Russian state actors compromised Microsoft executive email accounts through a password spray attack on a legacy test tenant. The breach exposed how identity misconfigurations cascade.
Microsoft's Secure Supply Chain Practices
How Microsoft rebuilt its security posture after years of high-profile incidents, implementing supply chain controls that now protect one of the world's largest software ecosystems.
Follina (CVE-2022-30190): The Microsoft Zero-Day That Bypassed Macro Protections
A Word document, no macros enabled, and full remote code execution. Follina exploited the Microsoft Support Diagnostic Tool via ms-msdt protocol handlers, rendering years of macro-blocking defenses irrelevant.
Microsoft LAPSUS$ Breach: Source Code Access and the Limits of Perimeter Security
LAPSUS$ claimed access to Microsoft's source code repositories, leaking 37GB of code from Bing, Cortana, and other projects. The breach showed that even tech giants have access control gaps.