Tag: Microsoft Security

Do you have the right practices in place to retain and grow the cybersecurity women who already work at your company? The post Welcoming and retaining diversity in cybersecurity appeared first on Microsoft Security.   Advertise on IT Security News.…

Read more →

The hardware and software companies who supply utilities must implement better security of their build and update environment to reduce the risk of an attack on critical infrastructure. The post Defending the power grid against supply chain attacks—Part 2: Securing…

Read more →

The hardware and software companies who supply utilities must implement better security of their build and update environment to reduce the risk of an attack on critical infrastructure. The post Defending the power grid against supply chain attacks—Part 2: Securing…

Read more →

Astaroth is back sporting significant changes. The updated attack chain maintains Astaroth’s complex, multi-component nature and continues its pattern of detection evasion. The post Latest Astaroth living-off-the-land attacks are even more invisible but not less observable appeared first on Microsoft…

Read more →

Customers are asking us what Microsoft is doing to help protect them from phishing and cyberattacks, and what they can do to better protect themselves. We thought now would be a good time to share some best practices and useful…

Read more →

I’ve long been a proponent to challenging traditional schools of thought—traditional cyber-norms—and encouraging our industry to get outside its comfort zones. The post Welcoming more women into cybersecurity: the power of mentorships appeared first on Microsoft Security.   Advertise on…

Read more →

I’m proud to announce that Microsoft is positioned as a Leader in The Forrester Wave™: Enterprise Detection and Response, Q1 2020. The post Forrester names Microsoft a Leader in 2020 Enterprise Detection and Response Wave appeared first on Microsoft Security.…

Read more →

Secured-core PCs combine virtualization, operating system, and hardware and firmware protection. Along with Microsoft Defender ATP, Secured-core PCs provide end-to-end protection against advanced attacks that leverage driver vulnerabilities to gain kernel privileges. The post Secured-core PCs: A brief showcase of…

Read more →

With many employees suddenly working from home, there are things an organization and employees can do to help remain productive without increasing cybersecurity risk. The post Work remotely, stay secure—guidance for CISOs appeared first on Microsoft Security.   Advertise on…

Read more →

The integration of FIDO2-based YubiKeys and Azure Active Directory (Azure AD) is a game changer. The post Empower Firstline Workers with Azure AD and YubiKey passwordless authentication appeared first on Microsoft Security.   Advertise on IT Security News. Read the…

Read more →

Set a high standard of software assurance with internal teams, partners, and suppliers to reduce your risk of a software supply chain attack. The post Guarding against supply chain attacks—Part 3: How software becomes compromised appeared first on Microsoft Security.…

Read more →

A threat hunting team can help you defend against stealth attackers. The post Threat hunting: Part 1—Why your SOC needs a proactive hunting team appeared first on Microsoft Security.   Advertise on IT Security News. Read the complete article: Threat…

Read more →

Behavioral blocking and containment capabilities leverage multiple Microsoft Defender ATP components and features to immediately stop attacks before they can progress. We have expanded these capabilities to get even broader visibility into malicious behavior by using a rapid protection loop…

Read more →

In the new DART Case Reports, you’ll find unique stories from our team’s engagements around the globe. Read the first in the series today. The post Real-life cybercrime stories from DART, the Microsoft Detection and Response Team appeared first on…

Read more →

We asked IT executives how they are approaching MFA in 2020. Most are expanding their MFA deployments or making other investments to better secure their identities. The post IT executives prioritize Multi-Factor Authentication in 2020 appeared first on Microsoft Security.…

Read more →

In human-operated ransomware attacks, adversaries exhibit extensive knowledge of systems administration and common network security misconfigurations, perform thorough reconnaissance, and adapt to what they discover in a compromised network. The post Human-operated ransomware attacks: A preventable disaster appeared first on…

Read more →

Organizations should consider a Cloud Identity as a Service (IDaaS), and MFA solution, like Azure Active Directory (Azure AD) for effective countermeasures against modern threats. The post Quick wins—single sign-on (SSO) and Multi-Factor Authentication (MFA) appeared first on Microsoft Security.…

Read more →

This is the first in a blog series to help lessen confusion around identity by sharing with you some of the terms used at Microsoft. The post Microsoft identity acronyms—what do they mean and how do they relate to each…

Read more →

MISA has grown to 102 members. The post MISA expands with new members and new product additions appeared first on Microsoft Security.   Advertise on IT Security News. Read the complete article: MISA expands with new members and new product…

Read more →

Azure Sphere is now generally available: Ann Johnson and Galen Hunt discuss cybersecurity, IoT, and why device security matters. The post Azure Sphere—Microsoft’s answer to escalating IoT threats—reaches general availability appeared first on Microsoft Security.   Advertise on IT Security…

Read more →

MISA has grown to 102 members. The post MISA expands with new members and new product additions appeared first on Microsoft Security.   Advertise on IT Security News. Read the complete article: MISA expands with new members and new product…

Read more →

Azure Sphere is now generally available: Ann Johnson and Galen Hunt discuss cybersecurity, IoT, and why device security matters. The post Azure Sphere—Microsoft’s answer to escalating IoT threats—reaches general availability appeared first on Microsoft Security.   Advertise on IT Security…

Read more →

New innovations for built-in and cross-platform security that embrace AI. The post New Microsoft Security innovations and partnerships appeared first on Microsoft Security.   Advertise on IT Security News. Read the complete article: New Microsoft Security innovations and partnerships

Read more →

Microsoft Insider Risk Management and Communication Compliance in Microsoft 365 help organizations address internal risks—such as IP theft or code of conduct policy violations. The post Microsoft Insider Risk Management and Communication Compliance in Microsoft 365 now generally available appeared…

Read more →

Learn how Azure Sentinel helps SecOps to improve security across hybrid environments with free import of AWS CloudTrail logs through June 2020 and other product updates. The post Free import of AWS CloudTrail logs through June 2020 and other exciting…

Read more →

Azure Sentinel Fusion technology uses powerful machine learning methods to enable your SecOps team to focus on the threats that matter. The post Azure Sentinel uncovers the real threats hidden in billions of low fidelity signals appeared first on Microsoft…

Read more →

Threat protection that changes our approach to attacks requires built-in intelligence that can understand how an attack got in, prevent its spread across domains, and automatically heal compromised assets. The post Microsoft Threat Protection stops attack sprawl and auto-heals enterprise…

Read more →

The way we work is evolving. Technology enables more effective employees by helping them to be productive where and when they choose. Businesses also enjoy the productivity benefits of a connected workforce. The post Unifying security policy across all mobile…

Read more →

The “Defending the power grid against supply chain attacks” blog series analyzes how supply chain attacks are conducted and the steps utilities, device manufacturers, and software providers can take to better secure critical infrastructure. The post Defending the power grid…

Read more →

Transformation is a daunting task. In this series, I explore how change is possible when addressing the components of people and technology that make up an organization. The post Changing the Monolith—Part 4: Quick tech wins for a cloud-first world…

Read more →

A connected workforce is fundamental to business. Learn how Azure AD protects Mattress Firm employees’ identities across the business. The post Mattress Firm deployed Azure Active Directory to securely connect Firstline Workers to their SaaS apps and to each other…

Read more →

Microsoft has made substantial investments in enabling our Bulk Electric System (BES) customers to comply with NERC CIP in Azure. The post NERC CIP compliance in Azure appeared first on Microsoft Security.   Advertise on IT Security News. Read the…

Read more →

On this episode of Afternoon Cyber Tea, Ann Johnson and Jane Frankland discuss chatbots, AI, and increasing the number of women in cybersecurity. The post Afternoon Cyber Tea—From threat intelligence to chatbots: A look at AI in cybersecurity appeared first…

Read more →

Announcing Safe Documents and Application Guard, new Microsoft 365 features that bring together Windows 10, Office 365, and Microsoft Defender ATP to help users stay secure and productive. The post Building on secure productivity appeared first on Microsoft Security.  …

Read more →

On this episode of Afternoon Cyber Tea, Ann Johnson and Jane Frankland discuss chatbots, AI, and increasing the number of women in cybersecurity. The post Afternoon Cyber Tea—From threat intelligence to chatbots: A look at AI in cybersecurity appeared first…

Read more →

Microsoft Security 20/20 will put the spotlight on companies and individuals with a clear-eyed view of the security challenges we face and smart integrated solutions to help solve them. The post Visionary security partners to be honored at the very…

Read more →

Web shell attacks allow adversaries to run commands and steal data from an Internet-facing server or use the server as launch pad for further attacks against the affected organization. The post Ghost in the shell: Investigating web shell attacks appeared…

Read more →

The RSA Conference 2020 kicks off in less than three weeks—here are a few highlights to help you plan your time. The post RSA Conference 2020—Empower your defenders with artificial intelligence and automation appeared first on Microsoft Security.   Advertise…

Read more →

Part 2 examines the hardware supply chain, its vulnerabilities, how you can protect yourself, and Microsoft’s role in reducing hardware-based attacks. The post Guarding against supply chain attacks—Part 2: Hardware risks appeared first on Microsoft Security.   Advertise on IT…

Read more →

New capabilities help you manage eDiscovery in Microsoft Teams and Yammer. The post New capabilities for eDiscovery now available appeared first on Microsoft Security.   Advertise on IT Security News. Read the complete article: New capabilities for eDiscovery now available

Read more →

Digital transformation is a daunting task. In this series, I explore how change is possible when addressing the components of people, process, and technology that make up the organization. The post Changing the Monolith—Part 3: What’s your process? appeared first…

Read more →

A cyber-risk assessment is crucial to any organization’s risk management strategy. The post Cyber-risk assessments—the solution for companies in the Fourth Industrial Revolution appeared first on Microsoft Security.   Advertise on IT Security News. Read the complete article: Cyber-risk assessments—the…

Read more →

Listen to Ann Johnson discuss the scale of cyber threats—past, present, and future—with security strategist, Marc Goodman on her new podcast, Afternoon Cyber Tea. The post Afternoon Cyber Tea—The State of Cybersecurity: How did we get here? What does it…

Read more →

Joy Chick, Corporate Vice President of Identity, shares five priorities central to security that organizations should prioritize in 2020. The post 5 identity priorities for 2020 appeared first on Microsoft Security.   Advertise on IT Security News. Read the complete…

Read more →

Data Privacy Day is a great time to assess your company privacy policies to ensure you comply with local and regional regulations. The post Data privacy is about more than compliance—it’s about being a good world citizen appeared first on…

Read more →

To help you take a proactive role in getting ahead of privacy compliance, we’re announcing new privacy-focused assessments available in the public preview of Microsoft Compliance Score. The post New privacy assessments now included in Microsoft Compliance Score appeared first…

Read more →

Microsoft has built deep integrations with Zscaler—a cloud-native, multitenant security platform—to help organizations with their Zero Trust journey. The post Microsoft and Zscaler help organizations implement the Zero Trust model appeared first on Microsoft Security.   Advertise on IT Security…

Read more →

Azure Security Benchmark offers a collection of over 90 security best practices and recommendations you can employ to increase the overall security and compliance of all your workloads in Azure. The post Azure Security Benchmark—90 security and compliance best practices…

Read more →

sLoad has launched version 2.0. With the new version, sLoad, which is a PowerShell-based Trojan downloader notable for its almost exclusive use of the Windows BITS service for malicious activities, has added an anti-analysis trick and the ability to track…

Read more →

Learn what actions companies can take and controls they can validate in light of the current level of threats, and during any period of heightened risk. The post How companies can prepare for a heightened threat environment appeared first on…

Read more →

Transformation can be a daunting task. In this series, I explore how change is possible when addressing the components of people, process, and technology that make up the organization. The post Changing the monolith—Part 2: Whose support do you need?…

Read more →

Microsoft Application Inspector is a new source code analyzer that helps you understand what a program does by identifying interesting features and characteristics. The post Introducing Microsoft Application Inspector appeared first on Microsoft Security.   Advertise on IT Security News.…

Read more →

The goal of MFA implementation is to enable it for all your users, on all of your systems, all of the time. Learn how to successfully roll out and support MFA in your organization. The post How to implement Multi-Factor…

Read more →

Gamified cybersecurity learning is an increasingly important must-have in your SecOps program, from understanding basic concepts all the way into advanced attacker and defense scenarios. Microsoft and Circadence are working together to democratize and scale cyber readiness globally. The post…

Read more →

Digital transformation is a daunting task. In this series, I explore how change is possible when addressing the components of people, process, and technology that make up the organization. The post Changing the monolith—Part 1: Building alliances for a secure…

Read more →

With Microsoft 365 security services, governments can take confident steps to adopt a Zero Trust approach to cybersecurity. The post Microsoft 365 helps governments adopt a Zero Trust security model appeared first on Microsoft Security.   Advertise on IT Security…

Read more →

DART was called into an engagement where the adversary had a foothold within the on-premises network, which had been gained through compromising cloud credentials. Luckily, this customer had deployed Azure ATP prior to the incident and it had already normalized…

Read more →