Microsoft surveyed 800 cybersecurity professionals to gather their insights on data security. Read on for the top findings on data security strategies—and the value of a comprehensive cybersecurity solution. The post Top insights and best practices from the new Microsoft…
Category: Microsoft Security Blog
Octo Tempest crosses boundaries to facilitate extortion, encryption, and destruction
Microsoft has been tracking activity related to the financially motivated threat actor Octo Tempest, whose evolving campaigns represent a growing concern for many organizations across multiple industries. The post Octo Tempest crosses boundaries to facilitate extortion, encryption, and destruction appeared…
Forrester names Microsoft a Leader in the 2023 Endpoint Security Wave™ report
Microsoft has been named a Leader in The Forrester Wave™: Endpoint Security, Q4 2023 report. The post Forrester names Microsoft a Leader in the 2023 Endpoint Security Wave™ report appeared first on Microsoft Security Blog. This article has been indexed…
Expanding audit logging and retention within Microsoft Purview for increased security visibility
Since our announcement in July 2023, we have made significant efforts to enhance the access of Microsoft Purview’s audit logging. This ongoing work expands accessibility and flexibility to cloud security logs. Read about the additional updates coming to Microsoft Purview…
Multiple North Korean threat actors exploiting the TeamCity CVE-2023-42793 vulnerability
Since early October 2023, Microsoft has observed North Korean nation-state threat actors Diamond Sleet and Onyx Sleet exploiting the JetBrains TeamCity CVE-2023-42793 remote code execution vulnerability. Given supply chain attacks carried out by these threat actors in the past, Microsoft…
Microsoft Security Copilot Early Access Program: Harnessing generative AI to empower security teams
Learn more about Microsoft Security Copilot—including its integration with Microsoft 365 Defender—as well as our latest innovations and announcements, and how your organization can get early access. The post Microsoft Security Copilot Early Access Program: Harnessing generative AI to empower…
Automatic disruption of human-operated attacks through containment of compromised user accounts
We added user containment to the automatic attack disruption capability in Microsoft Defender for Endpoint, a unique and innovative defense mechanism that stops human-operated attacks in their tracks. User containment is automatically triggered by high-fidelity signals and limits attackers’ ability…
Microsoft Defender for Endpoint now stops human-operated attacks on its own
Today, we’re pleased to announce that Microsoft Defender for Endpoint customers will now be able to automatically disrupt human-operated attacks like ransomware early in the kill chain without needing to deploy any other capabilities. Now, organizations only need to onboard…
Defending new vectors: Threat actors attempt SQL Server to cloud lateral movement
Microsoft security researchers recently identified an attack where attackers attempted to move laterally to a cloud environment through a SQL Server instance. The attackers initially exploited a SQL injection vulnerability in an application within the target’s environment to gain access…
Celebrate 20 years of Cybersecurity Awareness Month with Microsoft and let’s secure our world together
It’s Cybersecurity Awareness Month! Celebrate security with us and prioritize it year-round. Explore how Microsoft is continuously innovating and creating the #BeCybersmart kit to help you and your organization stay safe online. The post Celebrate 20 years of Cybersecurity Awareness…
Join the new Microsoft Security experience at Microsoft Ignite 2023
Join Microsoft Security at Microsoft Ignite 2023 for the latest security insights, hands-on skilling, product innovations, in-person networking, and more. The post Join the new Microsoft Security experience at Microsoft Ignite 2023 appeared first on Microsoft Security Blog. This article…
New security features in Windows 11 protect users and empower IT
Windows 11 is designed to simplify security with features from the chip to the cloud that are on by default. Since its launch, we’ve seen a 58 percent reduction in security. Learn more about the new features. The post New…
New Microsoft security tools to protect families and businesses
Today, Microsoft announced several major innovations to empower people across work and life and redefine how we live and work with AI. The post New Microsoft security tools to protect families and businesses appeared first on Microsoft Security Blog. This…
Forrester names Microsoft a Leader in the 2023 Zero Trust Platform Providers Wave™ report
Microsoft is proud to be recognized as a Leader in The Forrester Wave™: Zero Trust Platform Providers, Q3 2023 report. The post Forrester names Microsoft a Leader in the 2023 Zero Trust Platform Providers Wave™ report appeared first on Microsoft…
Microsoft 365 Defender demonstrates 100 percent protection coverage in the 2023 MITRE Engenuity ATT&CK® Evaluations: Enterprise
For the fifth consecutive year, Microsoft 365 Defender demonstrated leading extended detection and response (XDR) capabilities in the independent MITRE Engenuity ATT&CK® Evaluations: Enterprise. The attack used during the test highlights the importance of a unified XDR platform and showcases…
Peach Sandstorm password spray campaigns enable intelligence collection at high-value targets
Since February 2023, Microsoft has observed a high volume of password spray attacks attributed to Peach Sandstorm, an Iranian nation-state group. In a small number of cases, Peach Sandstorm successfully authenticated to an account and used a combination of publicly…
Uncursing the ncurses: Memory corruption vulnerabilities found in library
A set of memory corruption vulnerabilities in the ncurses library could have allowed attackers to chain the vulnerabilities to elevate privileges and run code in the targeted program’s context or perform other malicious actions. The post Uncursing the ncurses: Memory…
Malware distributor Storm-0324 facilitates ransomware access
The threat actor that Microsoft tracks as Storm-0324 is a financially motivated group known to gain initial access using email-based initial infection vectors and then hand off access to compromised networks to other threat actors. These handoffs frequently lead to…
Cloud storage security: What’s new in the threat matrix
We’re announcing the release of a second version of our threat matrix for storage services, a structured tool that assists in identifying and analyzing potential security threats on data stored in cloud storage services. The post Cloud storage security: What’s…
Navigating privacy in a data-driven world with Microsoft Priva
As the world becomes more data-driven and the privacy landscape continues to evolve, the need to take a proactive privacy approach increases. Here’s how Microsoft Priva can help. The post Navigating privacy in a data-driven world with Microsoft Priva appeared…
Flax Typhoon using legitimate software to quietly access Taiwanese organizations
China-based actor Flax Typhoon is exploiting known vulnerabilities for public-facing servers, legitimate VPN software, and open-source malware to gain access to Taiwanese organizations, but not taking further action. The post Flax Typhoon using legitimate software to quietly access Taiwanese organizations…
How the Microsoft Incident Response team helps customers remediate threats
Microsoft Incident Response is a global team comprised of cybersecurity experts with deep, highly specialized knowledge in breach detection, response, and recovery. The post How the Microsoft Incident Response team helps customers remediate threats appeared first on Microsoft Security Blog.…
Multiple high severity vulnerabilities in CODESYS V3 SDK could lead to RCE or DoS
Microsoft researchers identified multiple high-severity vulnerabilities in the CODESYS V3 SDK that could put operational technology (OT) infrastructure at risk of attacks, such as remote code execution (RCE) and denial of service (DoS). The post Multiple high severity vulnerabilities in…
New Microsoft Security innovations expand multicloud visibility and enhance multiplatform protection
Gain greater visibility into your multicloud environments to better understand your security posture, minimize risk, and detect and respond to threats in real time. The post New Microsoft Security innovations expand multicloud visibility and enhance multiplatform protection appeared first on…
Boost identity protection with Axiad Cloud and Microsoft Entra ID
As IT environments become more complex and multilayered to combat cybersecurity attacks, authentication processes for applications, operating systems, and workplace locations are increasingly managed in silos. Axiad Cloud and Microsoft Entra ID help to strengthen security perimeters by provisioning and…
Microsoft Purview data security mitigations for BazaCall and other human-operated data exfiltration attacks
Microsoft Defender is our toolset for prevention and mitigation of data exfiltration and ransomware attacks. Microsoft Purview data security offers important mitigations as well and should be used as part of a defense-in-depth strategy. The post Microsoft Purview data security…
Microsoft AI Red Team building future of safer AI
We’re sharing best practices from our team so others can benefit from Microsoft’s learnings. These best practices can help security teams proactively hunt for failures in AI systems, define a defense-in-depth approach, and create a plan to evolve and grow…
Adopting guidance from the US National Cybersecurity Strategy to secure the Internet of Things
Microsoft is invested in helping partners create Internet of Things solutions with strong security products that support the March 2023 United States National Cybersecurity Strategy. The post Adopting guidance from the US National Cybersecurity Strategy to secure the Internet of…
Cyber Signals: Sporting events and venues draw cyberthreats at increasing rates
Today we released the fifth edition of Cyber Signals spotlighting threats to large sporting events, based on our learnings and telemetry from delivering cybersecurity support to critical infrastructure facilities during the State of Qatar’s hosting of the FIFA World Cup…
Midnight Blizzard conducts targeted social engineering over Microsoft Teams
Microsoft Threat Intelligence has identified highly targeted social engineering attacks using credential theft phishing lures sent as Microsoft Teams chats by the threat actor that Microsoft tracks as Midnight Blizzard (previously tracked as NOBELIUM). The post Midnight Blizzard conducts targeted…
Microsoft Defender for Office 365 gets highest rating in SE Labs Enterprise Email Security Services test for Q1 2023
In Q1 2023, Microsoft was once again part of an evaluation of email security platforms conducted by SE Labs. We are thrilled to announce that Microsoft Defender for Office 365 has once again received an AAA Protection Award, the…
How to connect with Microsoft Security at Black Hat USA 2023
Learn more about the sessions, product demos, and special events presented by Microsoft at Black Hat 2023. The post How to connect with Microsoft Security at Black Hat USA 2023 appeared first on Microsoft Security Blog. This article has been…
How to build stronger security teams
Jayson Street of Truesec talks about security awareness training and building a foundation of cybersecurity. The post How to build stronger security teams appeared first on Microsoft Security Blog. This article has been indexed from Microsoft Security Blog Read the…
Cryptojacking: Understanding and defending against cloud compute resource abuse
Cloud cryptojacking, a type of cyberattack that uses computing power to mine cryptocurrency, could result in financial loss to targeted organizations due to the compute fees that can be incurred from the abuse. The post Cryptojacking: Understanding and defending against…
Microsoft Defender Experts for XDR helps triage, investigate, and respond to cyberthreats
Take a closer look at how Microsoft Defender Experts for XDR works, and how it complements the power of the Microsoft 365 Defender suite. The post Microsoft Defender Experts for XDR helps triage, investigate, and respond to cyberthreats appeared first…
New Microsoft identity and data security capabilities to accelerate CMMC compliance for the Defense Industrial Base
Microsoft introduces new capabilities in Microsoft Entra ID and Microsoft Purview that support CMMC compliance while also helping Defense Industrial Base organizations accelerate their Zero Trust journeys. The post New Microsoft identity and data security capabilities to accelerate CMMC compliance…
Microsoft Inspire: Partner resources to prepare for the future of security with AI
Microsoft Inspire is an incredible opportunity to share all the ways AI can support security efforts with our partner ecosystem. Register to hear strategies to prepare your organization for AI with comprehensive security and security posture. The post Microsoft Inspire:…
Expanding cloud logging to give customers deeper security visibility
Today we are expanding Microsoft’s cloud logging accessibility and flexibility even further. Over the coming months, we will include access to wider cloud security logs for our worldwide customers at no additional cost. The post Expanding cloud logging to give…
Analysis of Storm-0558 techniques for unauthorized email access
Analysis of the techniques used by the threat actor tracked as Storm-0558 for obtaining unauthorized access to email data, tools, and unique infrastructure characteristics. The post Analysis of Storm-0558 techniques for unauthorized email access appeared first on Microsoft Security Blog.…
Storm-0978 attacks reveal financial and espionage motives
Microsoft has identified a phishing campaign conducted by the threat actor tracked as Storm-0978 targeting defense and government entities in Europe and North America. The campaign involved the abuse of CVE-2023-36884, which included a zero-day remote code execution vulnerability exploited…
Microsoft Entra expands into Security Service Edge and Azure AD becomes Microsoft Entra ID
Microsoft Entra is unifying identity and network access with a new Security Service Edge (SSE) solution and more identity innovations. The post Microsoft Entra expands into Security Service Edge and Azure AD becomes Microsoft Entra ID appeared first on Microsoft…
Meet unprecedented security challenges by leveraging MXDR services
Microsoft is excited to announce the general availability of Microsoft Defender Experts for XDR, a first-party MXDR offering that gives security teams air cover with end-to-end protection and expertise. The post Meet unprecedented security challenges by leveraging MXDR services appeared…
Microsoft Defender for Endpoint is ranked number one in market share in the IDC Worldwide Corporate Endpoint Security Market Shares report, 2022
Today, we are proud to share that Microsoft is ranked number one in market share in the IDC Worldwide Corporate Endpoint Security Market Shares report, 2022. More customers choose and trust Microsoft Defender for Endpoint and Microsoft Defender for Business…
The five-day job: A BlackByte ransomware intrusion case study
In a recent investigation by Microsoft Incident Response of a BlackByte 2.0 ransomware attack, we found that the threat actor progressed through the full attack chain, from initial access to impact, in less than five days, causing significant business disruption…
11 best practices for securing data in cloud services
This blog explores the importance and best practices for securing data in the cloud. It discusses concepts such as authentication, zero trust, and encryption, among others. The post 11 best practices for securing data in cloud services appeared first on…
Patch me if you can: Cyberattack Series
The Microsoft Incident Response team takes swift action to help contain a ransomware attack and regain positive administrative control of the customer environment. The post Patch me if you can: Cyberattack Series appeared first on Microsoft Security Blog. This article…
How automation is evolving SecOps—and the real cost of cybercrime
ramsac Founder and Managing Director Rob May shares insights on how automation can support SecOps and how to protect against phishing attacks. The post How automation is evolving SecOps—and the real cost of cybercrime appeared first on Microsoft Security Blog.…
Microsoft at NICE Conference: Resetting expectations and enabling diversity in the cybersecurity workforce
With the skills gap in cybersecurity professionals, Microsoft is helping attract new generations of diversified talent to the field, including leading discussions at the 2023 NICE Conference. The post Microsoft at NICE Conference: Resetting expectations and enabling diversity in the…
Why endpoint management is key to securing an AI-powered future
With the coming wave of AI, this is precisely the time for organizations to prepare for the future. To be properly ready for AI, Zero Trust principles take on new meaning and scope. The right endpoint management strategy can help…
IoT devices and Linux-based systems targeted by OpenSSH trojan campaign
Microsoft has uncovered an attack leveraging custom and open-source tools to target internet-facing IoT devices and Linux-based systems. The attack involves deploying a patched version of OpenSSH on affected devices to allow root login and the hijack of SSH credentials.…
Expanding horizons—Microsoft Security’s continued commitment to multicloud
Learn how to manage multicloud security risk with Microsoft’s native multicloud protection for three of the industry’s main cloud platforms. The post Expanding horizons—Microsoft Security’s continued commitment to multicloud appeared first on Microsoft Security Blog. This article has been indexed…
Public preview: Improve Win32 app security via app isolation
The frequency and impact of zero-day vulnerabilities have witnessed a substantial increase over the years. Attackers frequently exploit either unknown or unpatched vulnerabilities. That’s why we are thrilled to announce the preview of Win32 app isolation. The post Public preview:…
Cadet Blizzard emerges as a novel and distinct Russian threat actor
Microsoft attributes several campaigns to a distinct Russian state-sponsored threat actor tracked as Cadet Blizzard (DEV-0586), including the WhisperGate destructive attack, Ukrainian website defacements, and the hack-and-leak front “Free Civilian”. The post Cadet Blizzard emerges as a novel and distinct…
Forrester names Microsoft a Leader in the 2023 Enterprise Email Security Wave
Microsoft Defender for Office 365 is recognized as a Leader in Forrester’s 2023 Enterprise Email Security Wave Report. The post Forrester names Microsoft a Leader in the 2023 Enterprise Email Security Wave appeared first on Microsoft Security Blog. This article…
How Microsoft and Sonrai integrate to eliminate attack paths
Cloud development challenges conventional thinking about risk. Sonrai integrates with Microsoft Sentinel to monitor threats across vectors and automate responses by leveraging security orchestration, automation, and response playbooks, and Microsoft Defender for Cloud to provide visibility across the entire digital…
Detecting and mitigating a multi-stage AiTM phishing and BEC campaign
Microsoft Defender Experts observed a multi-stage adversary-in-the-middle (AiTM) and business email compromise (BEC) attack targeting banking and financial services organizations over two days. This attack originated from a compromised trusted vendor, involved AiTM and BEC attacks across multiple supplier/partner organizations…
Join our digital event to learn what’s new in Microsoft Entra
Join us at the digital event Reimagine secure access with Microsoft Entra to explore how to make identity your first line of defense and to hear about innovative products. The post Join our digital event to learn what’s new in…
Why a proactive detection and incident response plan is crucial for your organization
Matt Suiche of Magnet Forensics talks about top security threats for organizations and strategies for effective incident response. The post Why a proactive detection and incident response plan is crucial for your organization appeared first on Microsoft Security Blog. This…
XDR meets IAM: Comprehensive identity threat detection and response with Microsoft
Identity-based attacks are on the rise, making identity protection more important than ever. Explore our blog post to learn how Microsoft’s Identity Threat Detection and Response can help. The post XDR meets IAM: Comprehensive identity threat detection and response with…
New macOS vulnerability, Migraine, could bypass System Integrity Protection
A new vulnerability, which we refer to as “Migraine”, could allow an attacker with root access to bypass System Integrity Protection (SIP) in macOS and perform arbitrary operations on a device. The post New macOS vulnerability, Migraine, could bypass System…
Volt Typhoon targets US critical infrastructure with living-off-the-land techniques
Chinese state-sponsored actor Volt Typhoon is using stealthy techniques to target US critical infrastructure, conduct espionage, and dwell in compromised environments. The post Volt Typhoon targets US critical infrastructure with living-off-the-land techniques appeared first on Microsoft Security Blog. This article…
Microsoft Build 2023: Announcing new identity, compliance, and security features from Microsoft Security
Microsoft Build 2023 is the place to discover new features and technologies, share ideas, and boost your skills. Learn about the new identity and compliance features we’re announcing. The post Microsoft Build 2023: Announcing new identity, compliance, and security features…
Cyber Signals: Shifting tactics fuel surge in business email compromise
Business email operators seek to exploit the daily sea of email traffic to lure victims into providing financial and other sensitive business information. The post Cyber Signals: Shifting tactics fuel surge in business email compromise appeared first on Microsoft Security…
Microsoft Security highlights from RSA Conference 2023
At RSA Conference April 24 to 26, 2023, Microsoft Security shared solution news and insights. Watch Vasu Jakkal’s keynote on-demand (video courtesy of RSA conference). The post Microsoft Security highlights from RSA Conference 2023 appeared first on Microsoft Security Blog.…
How Microsoft can help you go passwordless this World Password Day
Learn how guessing, replay, phishing, and multifactor authentication fatigue attacks demonstrate the ongoing vulnerability of passwords, and why going passwordless makes your organization more secure while improving user experience. The post How Microsoft can help you go passwordless this World…
Forrester names Microsoft a Leader in 2023 Infrastructure-as-a-Service Platform Native Security report
Forrester recognizes Microsoft’s strong vision and significant investments in Infrastructure-as-a-Service Platform Native Security offerings. The post Forrester names Microsoft a Leader in 2023 Infrastructure-as-a-Service Platform Native Security report appeared first on Microsoft Security Blog. This article has been indexed from…
Why you should practice rollbacks to prevent data loss in a ransomware attack
Tanya Janca, Founder and Chief Executive Officer of We Hack Purple, shares insights on application security and offers strategies to protect against data loss from ransomware attacks. The post Why you should practice rollbacks to prevent data loss in a…
Healthy security habits to fight credential breaches: Cyberattack Series
This is the second in an ongoing series exploring some of the most notable cases of the Microsoft Incident Response Team. In this story, we’ll explore how organizations can adopt a defense-in-depth security posture to help protect against credential breaches…
Microsoft announces the 2023 Microsoft Security Excellence Awards winners
At the fourth annual Microsoft Security Excellence Awards, we recognized outstanding contributions from Microsoft Intelligent Security Association (MISA) members and celebrated the next generation of security defenders. See all the finalists and winners. The post Microsoft announces the 2023 Microsoft…
Stay compliant and protect sensitive data with Zero Trust security
Learn how to secure data and identities and meet compliance requirements with a comprehensive Zero Trust approach. The post Stay compliant and protect sensitive data with Zero Trust security appeared first on Microsoft Security Blog. This article has been indexed…
Getting started with the CDMC framework—Microsoft’s guide to cloud data management
Learn how Cloud Data Management Capabilities (CDMC) certification can build trust with your customers and provide a standard for data governance and controls for managing sensitive data at scale. The post Getting started with the CDMC framework—Microsoft’s guide to cloud…
Microsoft Entra delivers 240 percent ROI, according to new Forrester study
Learn why Microsoft Entra delivers 240-percent ROI—get key benefits and real-world learnings from adopters across the financial, high-tech, and manufacturing sectors. The post Microsoft Entra delivers 240 percent ROI, according to new Forrester study appeared first on Microsoft Security Blog.…
Simplified endpoint management with Microsoft Intune Suite: Adopting a long-term approach with intelligence and automation
Do you feel like your endpoint management set-up is too complex? This step-by-step guide will help you create a vision and set you on the path to simpler endpoint management. The post Simplified endpoint management with Microsoft Intune Suite: Adopting…
Nation-state threat actor Mint Sandstorm refines tradecraft to attack high-value targets
Today, Microsoft is reporting on a distinct subset of Mint Sandstorm (formerly known as PHOSPHORUS), an Iranian threat actor that specializes in hacking into and stealing sensitive information from high-value targets. This subset is technically and operationally mature, capable of…
Microsoft shifts to a new threat actor naming taxonomy
Microsoft is excited to announce that we are shifting to a new threat actor naming taxonomy aligned to the theme of weather. The complexity, scale, and volume of threats is increasing, driving the need to reimagine not only how Microsoft…
Protect intellectual property with Govern 365 and Microsoft Purview
Learn how to secure sensitive information within your global supply chain with Netwoven Govern 365 and Microsoft Purview Information Protection. The post Protect intellectual property with Govern 365 and Microsoft Purview appeared first on Microsoft Security Blog. This article has…
See product news and on-demand sessions from Microsoft Secure
Microsoft Secure on March 28, 2023, was a major success, thanks to more than 51,000 virtual attendees. It’s not too late to watch a session you missed. Watch on-demand. The post See product news and on-demand sessions from Microsoft Secure…
Threat actors strive to cause Tax Day headaches
With U.S. Tax Day approaching, Microsoft has observed phishing attacks targeting accounting and tax return preparation firms to deliver the Remcos RAT and compromise target networks. The post Threat actors strive to cause Tax Day headaches appeared first on Microsoft…
Improve supply chain security and resiliency with Microsoft
The Microsoft Supply Chain Platform was just launched to help companies protect their supply chains against cyber threats. The post Improve supply chain security and resiliency with Microsoft appeared first on Microsoft Security Blog. This article has been indexed…
LinkedIn and Microsoft Entra introduce a new way to verify your workplace
LinkedIn members can use a Microsoft Entra Verified ID credential issued from their organization to verify their workplace on their public profile and add instant credibility, increasing trust and confidence in interactions. The post LinkedIn and Microsoft Entra introduce a…
Guidance for investigating attacks using CVE-2022-21894: The BlackLotus campaign
This guide provides steps that organizations can take to assess whether users have been targeted or compromised by threat actors exploiting CVE-2022-21894 via a Unified Extensible Firmware Interface (UEFI) bootkit called BlackLotus. The post Guidance for investigating attacks using CVE-2022-21894:…
DEV-0196: QuaDream’s “KingsPawn” malware used to target civil society in Europe, North America, the Middle East, and Southeast Asia
Microsoft analyzes a threat group tracked as DEV-0196, the actor’s iOS malware “KingsPawn”, and their link to an Israel-based private sector offensive actor (PSOA) known as QuaDream, which reportedly sells a suite of exploits, malware, and infrastructure called REIGN, that’s…
MERCURY and DEV-1084: Destructive attack on hybrid environment
Microsoft detected a unique operation where threat actors carried out destructive actions in both on-premises and cloud environments. The post MERCURY and DEV-1084: Destructive attack on hybrid environment appeared first on Microsoft Security Blog. This article has been indexed from…
DevOps threat matrix
In this blog, we discuss threats we face in our DevOps environment, introducing our new threat matrix for DevOps. Using this matrix, we show the different techniques an adversary might use to attack an organization from the initial access phase…
Secure hybrid and remote workplaces with a Zero Trust approach
Secure your organization’s digital estate through a comprehensive Zero Trust approach. The post Secure hybrid and remote workplaces with a Zero Trust approach appeared first on Microsoft Security Blog. This article has been indexed from Microsoft Security Blog Read the…