This article has been indexed from Microsoft Security Blog Microsoft Teams has seen a surge in growth during the pandemic with over 115 million daily active users and growing. With it, customer imperative for enabling safe and trustworthy online collaboration…
Category: Microsoft Security Blog
Azure network security helps reduce cost and risk according to Forrester TEI study
As organizations move their computing from on-premises to the cloud, they realize that leveraging cloud-native security tools can provide additional cost savings and business benefits to their security infrastructure. Azure network…
How cyberattacks are changing according to new Microsoft Digital Defense Report
Get the latest expert insights on human-operated ransomware, phishing attacks, malware, and more to get ahead of these threats before they begin. The post How cyberattacks are changing according to new…
Iran-linked DEV-0343 targeting defense, GIS, and maritime sectors
MSTIC has observed DEV-0343 conducting extensive password spraying against more than 250 Office 365 tenants, with a focus on United States and Israeli defense technology companies, Persian Gulf ports of entry,…
Microsoft’s 5 guiding principles for decentralized identities
Microsoft is excited about the opportunity to create a decentralized identity system that increases customer trust and adoption by minimizing data processing and providing the user much greater control of the…
Practical tips on how to use application security testing and testing standards
Banco Santander Global Head of Security Research Daniel Cuthbert talks with Microsoft about how to use application security testing and testing standards to increase application security.
Windows 11 offers chip to cloud protection to meet the new security challenges of hybrid work
As the world has changed over the past 18 months, companies have been wrestling with ways to keep employees and data protected as they support new ways of hybrid working. We built…
#BeCyberSmart: When we learn together, we’re more secure together
It’s Cybersecurity Awareness Month. See how you can #BeCyberSmart and help others in your organization be safe.
3 key resources to accelerate your passwordless journey
The risks now outweigh the benefits for organizations using passwords as a security mechanism. In this post, we share the top resources to help you move forward on your passwordless journey.…
Defend against zero-day exploits with Microsoft Defender Application Guard
Zero-day security vulnerabilities are like gold to attackers. With zero-days, or even zero-hours, developers have no time to patch the code, giving hackers enough access and time to explore and map…
How nation-state attackers like NOBELIUM are changing cybersecurity
In the first of a four-part series on the NOBELIUM nation-state attack, we describe the attack and explain why enterprises should be cautious.
A simpler, more integrated approach to data governance
Today, I’m excited to share the general availability of Microsoft Azure Purview, giving organizations that holistic understanding of their data that is so critically important. Azure Purview addresses the need for…
FoggyWeb: Targeted NOBELIUM malware leads to persistent backdoor
In-depth analysis of newly detected NOBELIUM malware: a post-exploitation backdoor that Microsoft Threat Intelligence Center (MSTIC) refers to as FoggyWeb. NOBELIUM uses FoggyWeb to remotely exfiltrate the configuration database of compromised…
A guide to combatting human-operated ransomware: Part 2
In this post, we will tackle the risks of human-operated ransomware and detail DART’s security recommendations for tactical containment actions and post-incident activities in the event of an attack.
3 trends shaping identity as the center of modern security
In the face of increasingly advanced threats, complex multi-cloud environments, and an evolving trust fabric, identity is emerging as a critical player to deliver the next generation of security, governance, and…
Catching the big fish: Analyzing a large-scale phishing-as-a-service operation
With over 100 available phishing templates that mimic known brands and services, the BulletProofLink operation is responsible for many of the phishing campaigns that impact enterprises today. We are sharing these…
A guide to combatting human-operated ransomware: Part 1
As human-operated ransomware is on the rise, Microsoft’s Detection and Response Team (DART) shares how they investigate these attacks and what to consider when faced with a similar event in your…
Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability
This blog details our in-depth analysis of the attacks that used the CVE-2021-40444, provides detection details and investigation guidance for Microsoft 365 Defender customers, and lists mitigation steps for hardening networks…
The passwordless future is here for your Microsoft account
Beginning today, you can break free from your password and go passwordless with your Microsoft account.
Afternoon Cyber Tea: Learn how to stop misinformation threats from nation-state bad actors
Head of Mandiant Intelligence at FireEye Sandra Joyce talks with Microsoft’s Ann Johnson about the cybersecurity threats to US elections and how to fight them.
Combat attacks with security solutions from Trustwave and Microsoft
Cyberattacks and ransomware demands are on the rise. Microsoft security solutions and managed security service providers help organizations enable a proactive cybersecurity approach.
Why diversity is important for a strong cybersecurity team
LinkedIn Chief Information Security Officer Geoff Belknap talks with Microsoft’s Bret Arsenault about recruiting cybersecurity talent and solving the skills gap.
3 steps to prevent and recover from ransomware
Learn real-world steps for protecting against the latest ransomware and other malicious cyberattacks.
A deep-dive into the SolarWinds Serv-U SSH vulnerability
We’re sharing technical information about the vulnerability tracked as CVE-2021-35211, which was used to attack the SolarWinds Serv-U FTP software in limited and targeted attacks.
Get free DMARC visibility with Valimail Authenticate and Microsoft Office 365
Phishing and email spoofing not only erode brand trust, but they also leave recipients vulnerable to financial loss and serious invasions of privacy.
Microsoft a Leader in 2021 Gartner® Magic Quadrant™ for Unified Endpoint Management Tools
Adapting to the evolving business landscape, organizations increasingly depend on Microsoft Endpoint Manager to enable hybrid work—where the endpoint is the new workplace.
How to prepare for CMMC compliance as a defense industrial base supplier using the Microsoft cloud
DoD and DIB suppliers—see how Microsoft can give your business a competitive edge toward CMMC compliance.
Widespread credential phishing campaign abuses open redirector links
Microsoft has been actively tracking a widespread credential phishing campaign using open redirector links, which allow attackers to use a URL in a trusted domain and embed the eventual final malicious…
Cybersecurity’s next fight: How to protect employees from online harassment
Tall Poppy CEO and Co-founder Leigh Honeywell talks with Microsoft about how companies can support employees who have been targeted for online harassment.
How Vodafone Global Security Director creates an inclusive and secure workplace
Vodafone Global Cybersecurity Director Emma Smith talks about leading an inclusive workplace and shares security strategies—like how to get rid of passwords.
How to proactively defend against Mozi IoT botnet
Mozi is a peer-to-peer (P2P) botnet that uses a BitTorrent-like network to infect IoT devices such as network gateways and digital video recorders (DVRs). It works by exploiting weak telnet passwords…
Automating security assessments using Cloud Katana
Today, we are open-sourcing Cloud Katana, a cloud-native tool under development, to automate simulation steps on-demand in multi-cloud and hybrid cloud environments. This tool is an event-driven, serverless compute application built…
Migrating content from traditional SIEMs to Azure Sentinel
Get tips on migrating data and detections from your on-premises SIEM to Azure Sentinel, including how to streamline tasks using automation.
Trend-spotting email techniques: How modern phishing emails hide in plain sight
By spotting trends in the techniques used by attackers in phishing attacks, we can swiftly respond to attacks and use the knowledge to improve customer security and build comprehensive protections through…
Microsoft and NIST collaborate on EO to drive Zero Trust adoption
Learn how Microsoft is helping federal agencies to implement standards-based cybersecurity technologies such as NIST and Zero Trust in the real world.
Attackers use Morse code, other encryption methods in evasive phishing campaign
During our year-long investigation of a targeted, invoice-themed XLS.HTML phishing campaign, attackers changed obfuscation and encryption mechanisms every 37 days on average, demonstrating high motivation and skill to constantly evade detection…
7 ways to harden your environment against compromise
Here at the global Microsoft Compromise Recovery Security Practice (CRSP), we work with customers who have experienced disruptive security incidents to restore trust in identity systems and remove adversary control. During…
How security can keep media and sources safe
In the latest Voice of the Community blog series post, Microsoft Product Marketing Manager Natalia Godyla talks with Runa Sandvik, an expert on journalistic security and the former Senior Director of Information…
Sharing the first SimuLand dataset to expedite research and learn about adversary tradecraft
Last month, we introduced the SimuLand project to help security researchers around the world deploy lab environments to reproduce well-known attack scenarios, actively test detections, and learn more about the underlying…
Spotting brand impersonation with Swin transformers and Siamese neural networks
Our security solutions use multiple detection and prevention techniques to help users avoid divulging sensitive information to phishers as attackers continue refining their impersonation tricks. In this blog, we discuss our…
How to manage a side-by-side transition from your traditional SIEM to Azure Sentinel
Learn whether a transitional or long-term side-by-side deployment can best serve your migration to Microsoft’s cloud-native SIEM.
When coin miners evolve, Part 2: Hunting down LemonDuck and LemonCat attacks
LemonDuck is an actively updated and robust malware primarily known for its botnet and cryptocurrency mining objectives. Today, beyond using resources for its traditional bot and mining activities, LemonDuck steals credentials,…
Microsoft at Black Hat 2021: Sessions, bug bounty updates, product news, and more
Get previews of Microsoft’s latest security solutions, information on virtual sessions, and more for Black Hat 2021.
Attack AI systems in Machine Learning Evasion Competition
Today, we are launching MLSEC.IO, a new machine learning security evasion competition as an educational effort for the AI and security communities to exercise their muscle to attack critical AI systems…
BazaCall: Phony call centers lead to exfiltration and ransomware
Our continued investigation into BazaCall campaigns, those that use fraudulent call centers that trick unsuspecting users into downloading the BazaLoader malware, shows that this threat is more dangerous than what’s been…
Zero Trust Adoption Report: How does your organization compare?
The last decade has been full of disruptions that have required organizations to adapt and accelerate their security transformation. As we look forward to the next major disruption—the move to hybrid…
Combing through the fuzz: Using fuzzy hashing and deep learning to counter malware detection evasion techniques
A new approach for malware classification combines deep learning with fuzzy hashing. Fuzzy hashes identify similarities among malicious files and a deep learning methodology inspired by natural language processing (NLP) better…
How to protect your CAD data files with MIP and HALOCAD
SECUDE has integrated their HALOCAD solution with Microsoft Information Protection SDK which extends the data protection beyond the organization’s IT perimeter.
A guide to balancing external threats and insider risk
Rockwell Automation Vice President and Chief Information Security Officer Dawn Cappelli talks about assessing, measuring, and protecting against insider risk.
When coin miners evolve, Part 1: Exposing LemonDuck and LemonCat, modern mining malware infrastructure
LemonDuck, an actively updated and robust malware that’s primarily known for its botnet and cryptocurrency mining objectives, adopted more sophisticated behavior and escalated its operations. Today, beyond using resources for its…
The evolution of a matrix: How ATT&CK for Containers was built
As containers become a major part of many organizations’ IT workloads, it becomes crucial to consider the unique security threats that target such environments when building security solutions. The first step…
Microsoft acquires CloudKnox Security to offer unified privileged access and cloud entitlement management
Today on the Official Microsoft Blog, Microsoft announced the acquisition of CloudKnox Security, a leader in Cloud Infrastructure Entitlement Management (CIEM). CloudKnox offers complete visibility into privileged access.
Protecting customers from a private-sector offensive actor using 0-day exploits and DevilsTongue malware
The Microsoft Threat Intelligence Center (MSTIC) alongside the Microsoft Security Response Center (MSRC) has uncovered a private-sector offensive actor, or PSOA, that we are calling SOURGUM in possession of now-patched, Windows…
Microsoft delivers comprehensive solution to battle rise in consent phishing emails
Microsoft threat analysts are tracking a continued increase in consent phishing emails, also called illicit consent grants, that abuse OAuth request links in an attempt to trick recipients into granting attacker-owned…
How Microsoft Security empowers partners to build customer trust
Our world is changing, and Microsoft Security is rising to the challenges of a new normal. Today, I want to share more about how we are empowering our partners to be…
MISA expands portfolio and looks ahead during Microsoft Inspire
MISA extends product portfolio, adds sessions for Microsoft Inspire, and more.
Microsoft discovers threat actor targeting SolarWinds Serv-U software with 0-day exploit
Microsoft has detected a 0-day remote code execution exploit being used to attack SolarWinds Serv-U FTP software in limited and targeted attacks. The Microsoft Threat Intelligence Center (MSTIC) attributes this campaign…
Microsoft to acquire RiskIQ to strengthen cybersecurity of digital transformation and hybrid work
Microsoft is announcing that we have entered into a definitive agreement to acquire RiskIQ, a leader in global threat intelligence and attack surface management, to help our shared customers build a…
Microsoft named a Visionary in the 2021 Gartner Magic Quadrant for SIEM for Azure Sentinel
We’re excited to announce that in its first year of inclusion in the Magic Quadrant report, Microsoft Azure Sentinel has been named a Visionary, where we were recognized for our completeness…
How to build a privacy program the right way
Asana Privacy Counsel Whitney Merrill, an expert on privacy legal issues, talks with Microsoft about best practices for building a privacy program.
Accessibility and usability for all in Azure Sentinel
Designing with accessibility in mind greatly expands the impact of Microsoft solutions. However, the impact of accessible design is even bigger than that. When we design for accessibility, everyone benefits. The…
Preparing for your migration from on-premises SIEM to Azure Sentinel
Learn how to plan and prepare for migration from a traditional on-premises SIEM to Microsoft’s cloud-native SIEM for intelligent security analytics at cloud scale.
Microsoft finds new NETGEAR firmware vulnerabilities that could lead to identity theft and full system compromise
We discovered vulnerabilities in NETGEAR DGN-2200v1 series routers that can compromise a network’s security—opening the gates for attackers to roam untethered through an entire organization. We shared our findings with NETGEAR…
The critical role of Zero Trust in securing our world
US Executive Order on Cybersecurity delivers valuable guidance for both public and private organizations to make the world safer for all.
MITRE ATT&CK® mappings released for built-in Azure security controls
Microsoft is pleased to announce the publication of the Security Stack Mappings for Azure project in partnership with the Center for Threat-Informed Defense.
Encouraging women to embrace their cybersecurity superpowers
The cybersecurity challenges of today require a diversity of skills, perspectives, and experiences, yet women remain underrepresented in this field. Girl Security and Microsoft Security are forging a new fellowship around…
Windows 11 enables security by design from the chip to the cloud
Over the last year, PCs have kept us connected to family, friends, and enabled businesses to continue to run. This new hybrid work paradigm has got us thinking about how we…
Strategies, tools, and frameworks for building an effective threat intelligence team
Red Canary Director of Intelligence Katie Nickels shares her thoughts on strategies, tools, and frameworks to build an effective threat intelligence team.
Afternoon Cyber Tea: Microsoft’s cybersecurity response to COVID-19
Microsoft Chief Information Security Officer Bret Arsenault discusses Microsoft’s response to COVID-19 and the new cybersecurity threats that have emerged.