Category: Microsoft Security

This article has been indexed from Microsoft Security Microsoft 365 Defender researchers recently uncovered and disrupted a large-scale business email compromise (BEC) infrastructure hosted in multiple web services. Attackers used this cloud-based infrastructure to compromise mailboxes via phishing and add…

Read more →

This article has been indexed from Microsoft Security Hacker House co-founder and CEO Matthew Hickey introduces the concept of purple teaming and how a purple team can benefit an organization. The post How purple teams can embrace hacker culture to…

Read more →

This article has been indexed from Microsoft Security CRSP is a worldwide team of cybersecurity experts operating in most countries, across all organizations, with deep expertise to secure an environment post-security breach and to help you prevent a breach in…

Read more →

This article has been indexed from Microsoft Security We’re excited to announce seamless integration between Azure Firewall and Azure Sentinel. Now, you can get both detection and prevention in the form of an easy-to-deploy Azure Firewall solution for Azure Sentinel.…

Read more →

This article has been indexed from Microsoft Security On Thursday, June 3rd, via a joint press release on Microsoft Stories, Hart InterCivic and Microsoft have announced a partnership to incorporate ElectionGuard software developed by Microsoft into Hart’s Verity voting systems.…

Read more →

This article has been indexed from Microsoft Security RevolutionCyber Founder and CEO Jules Okafor shares what organizations can do to tackle business challenges and support diversity in cybersecurity. The post Afternoon Cyber Tea: Cybersecurity challenged to meet diversity goals appeared…

Read more →

This article has been indexed from Microsoft Security FileWall brings malware protection capabilities by providing an essential added layer of deep file inspection technology. The post odix and Microsoft: Protecting users against malware attacks with free FileWall license appeared first…

Read more →

This article has been indexed from Microsoft Security Smart meters and smart grid infrastructure have been deployed in many of the world’s electric distribution grids. They promise energy conservation, better grid management for utilities, electricity theft reduction, and a host…

Read more →

This article has been indexed from Microsoft Security Modern computing devices can be thought of as a collection of discrete microprocessors each with a dedicated function like high-speed networking, graphics, Disk I/O, AI, and everything in between. The emergence of…

Read more →

This article has been indexed from Microsoft Security Industrial control systems security consultant Chris Sistrunk discusses operational technology security and the challenges and cybersecurity risks of OT systems. The post Understanding the threat landscape and risks of OT environments appeared…

Read more →

This article has been indexed from Microsoft Security In this blog, we highlight four tools representing a unique infection chain utilized by NOBELIUM: EnvyScout, BoomBox, NativeZone, and VaporRage. These tools have been observed being used in the wild as early…

Read more →

This article has been indexed from Microsoft Security Microsoft Threat Intelligence Center (MSTIC) has uncovered a wide-scale malicious email campaign operated by NOBELIUM, the threat actor behind the attacks against SolarWinds, the SUNBURST backdoor, TEARDROP malware, GoldMax malware, and other…

Read more →

This article has been indexed from Microsoft Security Since 2017, Microsoft has been working with the identity community on two groundbreaking technologies designed from the ground up to make digital privacy convenient and practical: decentralized identifiers and verifiable credentials. We…

Read more →

This article has been indexed from Microsoft Security Learn how your infrastructure and security operations can make you vulnerable to insider threats, ransomware, weaponized AI, and more. The post Becoming resilient by understanding cybersecurity risks: Part 4—navigating current threats appeared…

Read more →

This article has been indexed from Microsoft Security We are excited to share that Microsoft has been named a Leader in The Forrester WaveTM: Endpoint Security Software as a Service, Q2 20211, receiving one of the highest scores in the…

Read more →

This article has been indexed from Microsoft Security Embracing Zero Trust is critical to protecting your organization and enabling productivity. Here are our top resources to help accelerate your adoption. The post Resources for accelerating your Zero Trust journey appeared…

Read more →

This article has been indexed from Microsoft Security In this new world of hybrid work, organizations face an increasing volume of data, ever-evolving regulations around how that data is protected, and an evolving complexity and frequency of data security breaches.…

Read more →

This article has been indexed from Microsoft Security Phorpiex, an enduring botnet known for extortion campaigns and for using old-fashioned worms, began diversifying its infrastructure in recent years to become more resilient and to deliver more dangerous payloads. Today, the…

Read more →

This article has been indexed from Microsoft Security At Microsoft, we continuously collaborate with customers and the InfoSec community to learn more about the latest adversary tradecraft so that we can improve our detection strategies across all our security services.…

Read more →

This article has been indexed from Microsoft Security SAP systems handle massive amounts of critical data. We set out to protect them with the new Azure Sentinel SAP threat monitoring solution. The post Protecting SAP applications with the new Azure…

Read more →

This article has been indexed from Microsoft Security We are thrilled to share that Forrester Research has named Microsoft Cloud App Security as a leader in the Forrester Wave™: Cloud Security Gateways, Q2 2021. The post Forrester names Microsoft a…

Read more →

This article has been indexed from Microsoft Security Chris Sistrunk, a Technical Manager in Mandiant’s ICS/OT Consulting practice, shares best practices to improve operational technology security. The post Mitigate OT security threats with these best practices appeared first on Microsoft…

Read more →

This article has been indexed from Microsoft Security We are operating in the most sophisticated threat landscape ever seen, and coupled with the next great disruption—hybrid work—security is more challenging than ever. Protecting from external threats is only one part…

Read more →

This article has been indexed from Microsoft Security We are operating in the most complex cybersecurity landscape we’ve ever seen. Sophisticated and determined attackers are the norm. And we all are preparing for the next great disruption—hybrid work. The post…

Read more →

This article has been indexed from Microsoft Security Security continues to be a number one priority for our customers, especially as many companies around the world are looking to transition from remote work to hybrid. To truly meet this challenge,…

Read more →

This article has been indexed from Microsoft Security We are operating in the most complex cybersecurity landscape we’ve ever seen. Sophisticated and determined attackers are the norm. And we all are preparing for the next great disruption—hybrid work. The post…

Read more →

This article has been indexed from Microsoft Security Security continues to be a number one priority for our customers, especially as many companies around the world are looking to transition from remote work to hybrid. To truly meet this challenge,…

Read more →

We are swiftly adapting to the lasting reality of a hybrid workforce, with the number of remote workers in the US expected to nearly double over the next five years, compared to pre-pandemic times. As a result, security teams are…

Read more →

We are so grateful to our customers who have collaborated with us in creating one of the best endpoint security solutions on the market and are thrilled that Gartner has recognized this work and the journey we’ve taken alongside our…

Read more →

Business email compromise is the costliest phishing attack threat to organizations. In this post, we explore how it works and strategies to fight it. The post Business email compromise: How Microsoft is combating this costly threat appeared first on Microsoft…

Read more →

Read our investigation of a BEC campaign that used attacker-created email infrastructure to facilitate gift card theft targeting the consumer goods, process manufacturing and agriculture, real estate, discrete manufacturing, and professional services sectors. The post Business email compromise campaign targets…

Read more →

Today, organizations face an evolving threat landscape and an exponentially increasing attack surface. Email represents the primary attack vector for cybercrime, and security teams are in search of efficient and cost-effective means to minimize the risk of these threats and…

Read more →

In MITRE Engenuity’s recent Carbanak+FIN7 ATT&CK Evaluation, Microsoft demonstrated that we can stop advanced, real-world attacks by threat actor groups with our industry-leading security capabilities. In this year’s evaluation, we engaged our unified Microsoft 365 Defender stack, with market-leading capabilities…

Read more →

A rapid proliferation of IoT has opened unsupervised doors to cybercriminals. How can we apply the principles of Zero Trust to address this challenge? The post How to apply a Zero Trust approach to your IoT solutions appeared first on…

Read more →

Read the original article: AI security risk assessment using Counterfit Counterfit is a command-line tool for security professionals to red team AI systems and systematically scans for vulnerabilities as part of AI risk assessment. The post AI security risk assessment…

Read more →

Read the original article: Center for Threat-Informed Defense teams up with Microsoft, partners to build the ATT&CK® for Containers matrix Microsoft is happy to have contributed and worked closely with the Center for Threat-Informed Defense and other partners to develop…

Read more →

Read the original article: Meet critical infrastructure security compliance requirements with Microsoft 365 Critical infrastructure operators face a hostile cyber threat environment and a complex compliance landscape. Operators must manage industrial control systems as well as IT environments that are…

Read more →

Read the original article: Defending against cryptojacking with Microsoft Defender for Endpoint and Intel TDT With cryptocurrency mining on the rise, Microsoft and Intel have partnered to deliver threat detection technology to enable EDR capabilities in Microsoft Defender for Endpoint.…

Read more →

Read the original article: Evolving beyond password complexity as an identity strategy What’s the future of identity? Have I Been Pwned Founder Troy Hunt shares his insights with Microsoft as well as strategies for protecting identities. The post Evolving beyond…

Read more →

Read the original article: MITRE Engenuity ATT&CK® Evaluation proves Microsoft Defender for Endpoint stops advanced attacks across platforms For the third year in a row, Microsoft successfully demonstrated industry-leading defense capabilities in the independent MITRE ATT&CK evaluation. The post MITRE…

Read more →

Read the original article: Afternoon Cyber Tea: Cybersecurity has become a pillar of the business Information security researcher and author Tarah Wheeler talks with Microsoft’s Ann Johnson about the growing role of cybersecurity as a pillar of the business. The…

Read more →

Read the original article: Surface expands its Secured-core portfolio with the new Surface Laptop 4 powered by AMD Ryzen™ Mobile Processors Microsoft is proud to announce our latest Secured-core offering, the all-new Surface Laptop 4 powered by AMD Ryzen™ Mobile Processors. These…

Read more →

Read the original article: CyberMDX and Microsoft: Protecting life-saving medical devices While hospitals continue to battle the COVID-19 pandemic, many are battling other “viruses” behind the scenes. The post CyberMDX and Microsoft: Protecting life-saving medical devices appeared first on Microsoft…

Read more →

Read the original article: How far have we come? The evolution of securing identities What are today’s biggest identity challenges? Have I Been Pwned Founder Troy Hunt talks with Microsoft about the current state of identity. The post How far…

Read more →

Read the original article: Secure unmanaged devices with Microsoft Defender for Endpoint now New Microsoft Defender for Endpoint capabilities let organizations discover and secure unmanaged workstations, mobile devices, servers, and network devices. The post Secure unmanaged devices with Microsoft Defender…

Read more →

Read the original article: Investigating a unique “form” of email delivery for IcedID malware Microsoft threat analysts have been tracking activity where contact forms published on websites are abused to deliver malicious links to enterprises using emails with fake legal…

Read more →

Read the original article: Threat matrix for storage services Storage services are one of the most popular services in the cloud. In this blog, we outline potential risks that you should be aware of when deploying, configuring, or monitoring your…

Read more →

Read the original article: Threat matrix for storage Storage services are one of the most popular services in the cloud. In this blog, we outline potential risks that you should be aware of when deploying, configuring, or monitoring your storage…

Read more →

Read the original article: Gamifying machine learning for stronger security and AI models We are open sourcing the Python source code of a research toolkit we call CyberBattleSim, an experimental research project that investigates how autonomous agents operate in a…

Read more →

Read the original article: Microsoft Defender for Endpoint now supports Windows 10 on Arm devices Today, we are excited to announce that Microsoft Defender for Endpoint support of Windows 10 on Arm devices is generally available. This expanded support is…

Read more →

Read the original article: Protect your business from email phishing with multi-factor authentication Cybersecurity has been in the news far more often in the past 12 months than in previous years, as cybercriminals escalated their activity during the COVID-19 pandemic…

Read more →

Read the original article: Automating threat actor tracking: Understanding attacker behavior for intelligence and contextual alerting A probabilistic graphical modeling framework used by Microsoft 365 Defender research and intelligence teams for threat actor tracking enables us to quickly predict the…

Read more →

Read the original article: BlueVoyant optimizes customer security with Microsoft security services Exponential growth in remote users and accelerated digital transformation involving migration of applications and data to the cloud has expanded the organizations’ attack surface. The post BlueVoyant optimizes…

Read more →

Read the original article: Zero Trust: 7 adoption strategies from security leaders How can your organization move to a Zero Trust security model? Ten executive security leaders met virtually to share strategies that been effective for them. The post Zero…

Read more →

Read the original article: New Security Signals study shows firmware attacks on the rise; here’s how Microsoft is working to help eliminate this entire class of threats The March 2021 Security Signals report showed that more than 80% of enterprises…

Read more →

Read the original article: How to build a successful application security program Tanya Janca, Founder of the We Hack Purple Academy, talks with Microsoft about how to build an application security program and measure its success. The post How to…

Read more →

Read the original article: Securing our approach to domain fronting within Azure Changes Microsoft is making in Azure to address challenges with domain fronting. The post Securing our approach to domain fronting within Azure appeared first on Microsoft Security.  …

Read more →

Read the original article: Analyzing attacks taking advantage of the Exchange Server vulnerabilities Microsoft continues to monitor and investigate attacks exploiting the recent on-premises Exchange Server vulnerabilities. As organizations recover from this incident, we continue to publish guidance and share…

Read more →

Read the original article: How one data scientist is pioneering techniques to detect security threats Data science is an increasingly popular field of study that’s relevant to every industry. When Maria Puertas Calvo was a student, she never imagined that…

Read more →

Read the original article: Secure containerized environments with updated threat matrix for Kubernetes The updated threat matrix for Kubernetes adds new techniques found by Microsoft researchers, as well as techniques that were suggested by the community. The post Secure containerized…

Read more →

Read the original article: Medius’ small IT team supports distributed workforce with Azure Active Directory How can a small IT team do more with less? Medius, which develops cloud-based spend management solutions, shares its Azure Active Directory story with Microsoft.…

Read more →

Read the original article: Automatic on-premises Exchange Server mitigation now in Microsoft Defender Antivirus Microsoft Defender Antivirus and System Center Endpoint Protection will automatically mitigate CVE-2021-26855 on any vulnerable Exchange Server on which it is deployed. We have taken this…

Read more →

Read the original article: 5 steps to enable your corporate SOC to rapidly detect and respond to IoT/OT threats As organizations connect massive numbers of IoT/OT devices to their networks to optimize operations, boards and management teams are increasingly concerned…

Read more →

Read the original article: 5 steps to enable your corporate SOC to rapidly detect and respond to IoT/OT threats As organizations connect massive numbers of IoT/OT devices to their networks to optimize operations, boards and management teams are increasingly concerned…

Read more →

Read the original article: Protecting on-premises Exchange Servers against recent attacks For the past few weeks, Microsoft and others in the security industry have seen an increase in attacks against on-premises Exchange servers. The target of these attacks is a…

Read more →

Read the original article: Finalists announced in second annual Microsoft Security 20/20 awards The Microsoft Security 20/20 awards honor partners who align to Microsoft’s focus on customer obsession and have developed innovative, integrated solutions during the past year across the…

Read more →

Read the original article: The biggest challenges—and important role—of application security Tanya Janca, Founder of We Hack Purple Academy, talks with Microsoft about the biggest application security challenges and AppSec’s role in cybersecurity. The post The biggest challenges—and important role—of…

Read more →

Read the original article: Azure LoLBins: Protecting against the dual use of virtual machine extensions Azure Defender for Resource Manager automatically monitors the resource management operations. This blog discusses the threats that are caused by ‘Living off the land Binaries’.…

Read more →

Read the original article: International Women’s Day: How to support and grow women in cybersecurity Today, March 8, we are proud to celebrate International Women’s Day. The United Nations announced this year’s theme as “Women in leadership: Achieving an equal…

Read more →

Read the original article: GoldMax, GoldFinder, and Sibot: Analyzing NOBELIUM’s layered persistence Microsoft has identified three new pieces of malware being used in late-stage activity by NOBELIUM – the actor behind the SolarWinds attacks, SUNBURST, and TEARDROP. The post GoldMax,…

Read more →

Read the original article: A better cloud access security broker: Securing your SaaS cloud apps and services with Microsoft Cloud App Security Learn how Microsoft Cloud App Security helps manage your SaaS apps and services, protecting against cyber threats, data…

Read more →

Read the original article: XLM + AMSI: New runtime defense against Excel 4.0 macro malware We have recently expanded the integration of Antimalware Scan Interface (AMSI) with Office 365 to include the runtime scanning of Excel 4.0 (XLM) macros, to…

Read more →

Read the original article: Compliance joins Microsoft Intelligent Security Association (MISA) Like many of you, I’m thrilled to have my 2020 calendar safely in the recycling pile. During that time though, you too might have noticed how, perhaps unknowingly, you…

Read more →

Read the original article: HAFNIUM targeting Exchange Servers with 0-day exploits Microsoft has detected multiple 0-day exploits being used to attack on-premises versions of Microsoft Exchange Server in limited and targeted attacks. In the attacks observed, threat actors used this…

Read more →

Read the original article: Identity at Microsoft Ignite: Strengthening Zero Trust defenses in the era of hybrid work Learn more about the latest Azure Active Directory innovations that will allow you deliver a secure and seamless experience to your users…

Read more →

Read the original article: Securing and governing data in a new hybrid work reality New Microsoft compliance capabilities enable you to extend data protection and governance across apps, endpoints, and platforms to keep your people collaborative and productive, while ensuring…

Read more →

Read the original article: Microsoft unifies SIEM and XDR to help stop advanced attacks Learn how Microsoft is taking the next step in unifying experiences and delivering enhanced tools and intelligence to stop advanced attacks. The post Microsoft unifies SIEM…

Read more →

Read the original article: 4 ways Microsoft is delivering security for all in a Zero Trust world Today we’re excited to share with you several new innovations across four key areas—identity, security, compliance, and skilling—to give you the holistic security…

Read more →

Read the original article: Microsoft brings advanced hardware security to Server and Edge with Secured-core Microsoft is collaborating with partners to expand Secured-core to Windows Server, Azure Stack HCI, and Azure-certified IoT devices. The post Microsoft brings advanced hardware security…

Read more →

Read the original article: Microsoft open sources CodeQL queries used to hunt for Solorigate activity We are sharing the CodeQL queries that we used to analyze our source code at scale and rule out the presence of the code-level indicators…

Read more →

Read the original article: Becoming resilient by understanding cybersecurity risks: Part 3—a security pro’s perspective Get insights on how to work with business leaders to manage risk and defend against sophisticated cyber threats. The post Becoming resilient by understanding cybersecurity…

Read more →

Read the original article: Microsoft listed as a Representative Vendor in 2020 Gartner Market Guide for Insider Risk Management Solutions Microsoft listed as a Representative Vendor in the 2020 Market Guide for Insider Risk Management Solutions. Insider Risk Management is…

Read more →

Read the original article: Securing Azure datacenters with continuous IoT/OT monitoring Learn how Microsoft ensures operational resilience for Azure datacenters with Azure Defender for IOT and Azure Sentinel The post Securing Azure datacenters with continuous IoT/OT monitoring appeared first on…

Read more →

Read the original article: What we like about Microsoft Defender for Endpoint Microsoft Defender for Endpoint provides the right security intelligence for Expel to analyze rich data and provide support for their customers. The post What we like about Microsoft…

Read more →

Read the original article: Forrester Consulting TEI Study: Azure Security Center delivers 219 percent ROI over 3 years and a payback of less than 6 months This blog shares the results of Total Economic Impact Study, creating a framework for…

Read more →

Read the original article: Turning the page on Solorigate and opening the next chapter for the security community The recent Solar Winds attack is a moment of reckoning. Today, as we close our own internal investigation of the incident, we continue…

Read more →

Read the original article: 6 strategies to reduce cybersecurity alert fatigue in your SOC Alert fatigue is a top of mind challenge when it comes to security monitoring. As a result, organizations are constantly trying to improve their human capabilities,…

Read more →

Read the original article: Afternoon Cyber Tea: Evaluating individual and organizational cyber risk in a pandemic The pandemic is exposing weaknesses in cybersecurity—learn why an integrated security solution can help combat emerging cyber threats. The post Afternoon Cyber Tea: Evaluating…

Read more →

Read the original article: A playbook for modernizing security operations What’s the future of security operations? Dave Kennedy, Founder of Binary Defense, shares his insights on threat hunting, incident response, and more with Microsoft. The post A playbook for modernizing…

Read more →

Read the original article: Web shell attacks continue to rise A year ago, we reported the steady increase in the use of web shells in attacks worldwide. The latest Microsoft 365 Defender data shows that this trend not only continued,…

Read more →

Read the original article: Why threat protection is critical to your Zero Trust security strategy The corporate network perimeter has been completely redefined. Many IT leaders are adopting a Zero Trust security model where identities play a critical role in…

Read more →

Read the original article: Why threat protection is critical to your Zero Trust security strategy The corporate network perimeter has been completely redefined. Many IT leaders are adopting a Zero Trust security model where identities play a critical role in…

Read more →

Read the original article: Sophisticated cybersecurity threats demand collaborative, global response Since December, the United States, its government, and other critical institutions including security firms have been addressing the world’s latest serious nation-state cyberattack, sometimes referred to as ‘Solorigate’ or…

Read more →

Read the original article: Automating and operationalizing data protection with Dataguise and Microsoft Information Protection This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA.  In technical literature, the terms data discovery, classification, and…

Read more →

Read the original article: Modernizing your network security strategy From the global pandemic to recent cyberattacks, our world has faced many challenges during the past 12 months. Some of these challenges we can’t change. However, I’m pleased about the ones…

Read more →

Read the original article: Afternoon Cyber Tea: Privacy, the pandemic, and protecting our cyber future Get insights on how cyber operatives manipulate social media users, and how you can protect yourself from social engineering and other cyber threats. The post…

Read more →

Read the original article: What tracking an attacker email infrastructure tells us about persistent cybercriminal operations Sweeping research into massive attacker infrastructures, as well as our real-time monitoring of malware campaigns and attacker activity, directly inform Microsoft security solutions, allowing…

Read more →

Read the original article: Recent enhancements for Microsoft Power Platform governance An emerging trend in digital transformation efforts has been the rise of low-code development platforms. Of course, these low-code platforms must be grounded in best-of-breed governance capabilities which include…

Read more →

Read the original article: Why operational resilience will be key in 2021, and how this impacts cybersecurity The lessons we have learned during the past 12 months have demonstrated that the ability to respond to, and bounce back from adversity…

Read more →

Read the original article: ZINC attacks against security researchers In recent months, Microsoft has detected cyberattacks targeting security researchers by an actor we track as ZINC. Observed targeting includes pen testers, private offensive security researchers, and employees at security and…

Read more →