Category: Microsoft Security Blog

11 best practices for securing data in cloud services

This blog explores the importance and best practices for securing data in the cloud. It discusses concepts such as authentication, zero trust, and encryption, among others. The post 11 best practices for securing data in cloud services appeared first on…

Patch me if you can: Cyberattack Series

The Microsoft Incident Response team takes swift action to help contain a ransomware attack and regain positive administrative control of the customer environment. The post Patch me if you can: Cyberattack Series appeared first on Microsoft Security Blog. This article…

Public preview: Improve Win32 app security via app isolation

The frequency and impact of zero-day vulnerabilities have witnessed a substantial increase over the years. Attackers frequently exploit either unknown or unpatched vulnerabilities. That’s why we are thrilled to announce the preview of Win32 app isolation. The post Public preview:…

Cadet Blizzard emerges as a novel and distinct Russian threat actor

Microsoft attributes several campaigns to a distinct Russian state-sponsored threat actor tracked as Cadet Blizzard (DEV-0586), including the WhisperGate destructive attack, Ukrainian website defacements, and the hack-and-leak front “Free Civilian”. The post Cadet Blizzard emerges as a novel and distinct…

How Microsoft and Sonrai integrate to eliminate attack paths

Cloud development challenges conventional thinking about risk. Sonrai integrates with Microsoft Sentinel to monitor threats across vectors and automate responses by leveraging security orchestration, automation, and response playbooks, and Microsoft Defender for Cloud to provide visibility across the entire digital…

Detecting and mitigating a multi-stage AiTM phishing and BEC campaign

Microsoft Defender Experts observed a multi-stage adversary-in-the-middle (AiTM) and business email compromise (BEC) attack targeting banking and financial services organizations over two days. This attack originated from a compromised trusted vendor, involved AiTM and BEC attacks across multiple supplier/partner organizations…

Microsoft Security highlights from RSA Conference 2023

At RSA Conference April 24 to 26, 2023, Microsoft Security shared solution news and insights. Watch Vasu Jakkal’s keynote on-demand (video courtesy of RSA conference). The post Microsoft Security highlights from RSA Conference 2023 appeared first on Microsoft Security Blog.…

How Microsoft can help you go passwordless this World Password Day

Learn how guessing, replay, phishing, and multifactor authentication fatigue attacks demonstrate the ongoing vulnerability of passwords, and why going passwordless makes your organization more secure while improving user experience. The post How Microsoft can help you go passwordless this World…

Threat actors strive to cause Tax Day headaches

With U.S. Tax Day approaching, Microsoft has observed phishing attacks targeting accounting and tax return preparation firms to deliver the Remcos RAT and compromise target networks. The post Threat actors strive to cause Tax Day headaches appeared first on Microsoft…

Improve supply chain security and resiliency with Microsoft

The Microsoft Supply Chain Platform was just launched to help companies protect their supply chains against cyber threats. The post Improve supply chain security and resiliency with Microsoft   appeared first on Microsoft Security Blog. This article has been indexed…

MERCURY and DEV-1084: Destructive attack on hybrid environment

Microsoft detected a unique operation where threat actors carried out destructive actions in both on-premises and cloud environments. The post MERCURY and DEV-1084: Destructive attack on hybrid environment appeared first on Microsoft Security Blog. This article has been indexed from…

DevOps threat matrix

In this blog, we discuss threats we face in our DevOps environment, introducing our new threat matrix for DevOps. Using this matrix, we show the different techniques an adversary might use to attack an organization from the initial access phase…