Tag: Microsoft Security Blog

Microsoft is named a Leader in the 2024 Gartner® Magic Quadrant™ for Endpoint Protection Platforms

2024-09-26 12:09

Gartner® names Microsoft a Leader in Endpoint Protection Platforms—a reflection, we believe, of our continued progress in helping organizations protect their endpoints against even the most sophisticated attacks, while driving continued efficiency for security operations center teams. The post Microsoft…

Microsoft is named a Leader in the 2024 Gartner® Magic Quadrant™ for Endpoint Protection Platforms

2024-09-26 11:09

Microsoft is named a Leader in the 2024 Gartner® Magic Quadrant™ for Endpoint Protection Platforms

2024-09-26 10:09

Activate your data responsibly in the era of AI with Microsoft Purview

2024-09-26 03:09

We are announcing preview for Microsoft Purview Information Protection to restrict content in Microsoft Fabric with sensitivity labels and Microsoft Purview Data Loss Prevention policies for lakehouses, and spotlighting our recent general availability of Microsoft Purview Data Governance solution. The…

Microsoft is named a Leader in the 2024 Gartner® Magic Quadrant™ for Endpoint Protection Platforms

2024-09-26 03:09

Microsoft Trustworthy AI: Unlocking human potential starts with trust

2024-09-25 00:09

At Microsoft, we have commitments to ensuring Trustworthy AI and are building industry-leading supporting technology. Our commitments and capabilities go hand in hand to make sure our customers and developers are protected at every layer. Building on our commitments, today…

Securing our future: September 2024 progress update on Microsoft’s Secure Future Initiative (SFI)

2024-09-23 22:09

Since the Secure Future Initiative (SFI) began, we’ve dedicated the equivalent of 34,000 full-time engineers to SFI—making it the largest cybersecurity engineering effort in history. And now, we’re sharing key updates and milestones from the first SFI Progress Report. The…

Join us at Microsoft Ignite 2024 and learn to build a security-first culture with AI

2024-09-19 22:09

Join us in November 2024 in Chicago for Microsoft Ignite to connect with industry leaders and learn about our newest solutions and innovations. The post Join us at Microsoft Ignite 2024 and learn to build a security-first culture with AI…

How comprehensive security simplifies the defense of your digital estate

2024-09-18 23:09

End-to-end security is a modern, comprehensive approach to data protection that aligns data protection and incident response across devices, systems, and users. Read the blog post to explore why it’s an attractive option for organizations committed to strengthening their cybersecurity.…

The art and science behind Microsoft threat hunting: Part 3

2024-08-29 22:08

In this blog post, read how Microsoft Incident Response leverages three types of threat intelligence to enhance incident response scenarios. The post The art and science behind Microsoft threat hunting: Part 3 appeared first on Microsoft Security Blog. This article…

Peach Sandstorm deploys new custom Tickler malware in long-running intelligence gathering operations

2024-08-29 00:08

Between April and July 2024, Microsoft observed Iranian state-sponsored threat actor Peach Sandstorm deploying a new custom multi-stage backdoor, which we named Tickler. Tickler has been used in attacks against targets in the satellite, communications equipment, oil and gas, as…

Microsoft again ranked number one in modern endpoint security market share

2024-08-22 14:08

IDC Worldwide Corporate Endpoint Security Market Shares report for 2023 ranks Microsoft number one in market share with a 40.7% increase in share over last year. The post Microsoft again ranked number one in modern endpoint security market share appeared…

Chained for attack: OpenVPN vulnerabilities discovered leading to RCE and LPE

2024-08-09 01:08

Microsoft researchers found multiple vulnerabilities in OpenVPN that could lead to an attack chain allowing remote code execution and local privilege escalation. This attack chain could enable attackers to gain full control over targeted endpoints, potentially resulting in data breaches,…

How Microsoft and NIST are collaborating to advance the Zero Trust Implementation

2024-08-08 18:08

Both Microsoft and the National Institute of Standards and Technology (NIST) National Cyber security Center of Excellence (NCCoE) have translated the Zero Trust Architecture (ZTA) and Security Model into practical and actionable deployment. In this blog post, we explore details…

New Microsoft whitepaper shares how to prepare your data for secure AI adoption

2024-08-01 09:08

In our newly released whitepaper, we share strategies to prepare for the top data challenges and new data security needs in the age of AI. The post New Microsoft whitepaper shares how to prepare your data for secure AI adoption…

Windows Security best practices for integrating and managing security tools

2024-07-29 22:07

We examine the recent CrowdStrike outage and provide a technical overview of the root cause. The post Windows Security best practices for integrating and managing security tools appeared first on Microsoft Security Blog. This article has been indexed from Microsoft…

Ransomware operators exploit ESXi hypervisor vulnerability for mass encryption

2024-07-29 22:07

Microsoft Security researchers have observed a vulnerability used by various ransomware operators to get full administrative access to domain-joined ESXi hypervisors and encrypt the virtual machines running on them. The vulnerability involves creating a group called “ESX Admins” in Active…

Onyx Sleet uses array of malware to gather intelligence for North Korea

2024-07-26 10:07

On July 25, 2024, the United States Department of Justice (DOJ) indicted an individual linked to the North Korean threat actor that Microsoft tracks as Onyx Sleet. Microsoft Threat Intelligence collaborated with the Federal Bureau of Investigation (FBI) in tracking…

Zero Trust in the Age of AI: Join our online event to learn how to strengthen your security posture

2024-07-24 21:07

Register for the “Zero Trust in the Age of AI” webcast to learn more about how our new capabilities in identity and network access and security operations make it easier to implement Zero Trust across your entire environment. The post…

Connect with Microsoft Security at Black Hat USA 2024

2024-07-19 06:07

Join Microsoft Security leaders and other security professionals from around the world at Black Hat USA 2024 to learn the latest information on security in the age of AI, cybersecurity protection, threat intelligence insights, and more. The post Connect with…

Microsoft Purview Data Governance will be generally available September 1, 2024

2024-07-17 10:07

Microsoft Purview Data Governance will become generally available to enterprise customers on September 1, 2024. It helps today’s data leaders solve their key data governance and security challenges in one unified AI-powered and business-friendly solution. The post Microsoft Purview Data…

Simplified Zero Trust security with the Microsoft Entra Suite and unified security operations platform, now generally available

2024-07-12 09:07

Microsoft is announcing the Microsoft Entra Suite and the unified security operations platform, two innovations that simplify the implementation of your Zero Trust security strategy. The post Simplified Zero Trust security with the Microsoft Entra Suite and unified security operations…

Vulnerabilities in PanelView Plus devices could lead to remote code execution

2024-07-02 19:07

Microsoft discovered and responsibly disclosed two vulnerabilities in Rockwell’s PanelView Plus that could be remotely exploited by unauthenticated attackers, allowing them to perform remote code execution (RCE) and denial-of-service (DoS). PanelView Plus devices are graphic terminals, which are known as…

Working with a cybersecurity committee of the board

2024-06-28 12:06

Learn about the rise of cybersecurity committees and how the CISO and IT security team can work with them to produce the best result for the organization’s IT security and enable digital transformation. The post Working with a cybersecurity committee…

Mitigating Skeleton Key, a new type of generative AI jailbreak technique

2024-06-28 12:06

Microsoft recently discovered a new type of generative AI jailbreak method called Skeleton Key that could impact the implementations of some large and small language models. This new method has the potential to subvert either the built-in model safety or…

How to boost your incident response readiness

2024-06-26 09:06

Discover key steps to bolster incident response readiness, from disaster recovery plans to secure deployments, guided by insights from the Microsoft Incident Response team. The post How to boost your incident response readiness appeared first on Microsoft Security Blog. This…

Microsoft Defender Experts for XDR recognized in the latest MITRE Engenuity ATT&CK® Evaluation for Managed Services

2024-06-19 18:06

Microsoft Defender Experts for XDR delivered excellent results during round 2 of the MITRE Engenuity ATT&CK® Evaluations for Managed Services menuPass + ALPHV BlackCat. The post Microsoft Defender Experts for XDR recognized in the latest MITRE Engenuity ATT&CK® Evaluation for…

Microsoft Incident Response tips for managing a mass password reset

2024-06-13 06:06

When an active incident leaves systems vulnerable, a mass password reset may be the right tool to restore security. This post explores the necessity and risk associated with mass password resets. The post Microsoft Incident Response tips for managing a…

How to achieve cloud-native endpoint management with Microsoft Intune

2024-06-12 17:06

In this post, we’re focusing on what it really takes for organizations to become fully cloud-native in endpoint management—from the strategic leadership to the tactical execution. The post How to achieve cloud-native endpoint management with Microsoft Intune appeared first on…

Microsoft is again named the overall leader in the Forrester Wave for XDR

2024-06-04 15:06

Microsoft has been named a leader in The Forrester Wave™: Extended Detection and Response (XDR) platforms, Q2, 2024, and received the highest scores in both strategy and current offering categories, as well as in the market presence category. The post…

Exposed and vulnerable: Recent attacks highlight critical need to protect internet-exposed OT devices

2024-05-31 22:05

Since late 2023, Microsoft has observed an increase in reports of attacks focusing on internet-exposed, poorly secured operational technology (OT) devices. Internet-exposed OT equipment in water and wastewater systems (WWS) in the US were targeted in multiple attacks over the…

Moonstone Sleet emerges as new North Korean threat actor with new bag of tricks

2024-05-29 18:05

Microsoft has identified a new North Korean threat actor, now tracked as Moonstone Sleet (formerly Storm-1789), that combines many tried-and-true techniques used by other North Korean threat actors, as well as unique attack methodologies to target companies for its financial…

6 insights from Microsoft’s 2024 state of multicloud risk report to evolve your security strategy

2024-05-29 18:05

Discover the top multicloud security risks across DevOps, runtime environments, identity and access, and data in this new report from Microsoft. The post 6 insights from Microsoft’s 2024 state of multicloud risk report to evolve your security strategy appeared first…

Cyber Signals: Inside the growing risk of gift card fraud

2024-05-25 07:05

In the ever-evolving landscape of cyberthreats, staying ahead of malicious actors is a constant challenge. The latest edition of Cyber Signals dives deep into the world of Storm-0539, also known as Atlas Lion, shedding light on their sophisticated methods of…

Threat actors misusing Quick Assist in social engineering attacks leading to ransomware

2024-05-16 11:05

Microsoft Threat Intelligence has observed Storm-1811 misusing the client management tool Quick Assist to target users in social engineering attacks that lead to malware like Qakbot followed by Black Basta ransomware deployment. The post Threat actors misusing Quick Assist in…

Microsoft is again named a Leader in the 2024 Gartner® Magic Quadrant™ for Security Information and Event Management

2024-05-15 22:05

Microsoft is named a Leader in the 2024 Gartner® Magic Quadrant™ for Security Information and Event Management and positioned based on our Ability to Execute Completeness of vision. The post Microsoft is again named a Leader in the 2024 Gartner®…