Category: Microsoft Security Blog

Join Microsoft Security at Microsoft Ignite 2023 for the latest security insights, hands-on skilling, product innovations, in-person networking, and more. The post Join the new Microsoft Security experience at Microsoft Ignite 2023 appeared first on Microsoft Security Blog. This article…

Read more →

Windows 11 is designed to simplify security with features from the chip to the cloud that are on by default. Since its launch, we’ve seen a 58 percent reduction in security. Learn more about the new features. The post New…

Read more →

Today, Microsoft announced several major innovations to empower people across work and life and redefine how we live and work with AI. The post New Microsoft security tools to protect families and businesses appeared first on Microsoft Security Blog. This…

Read more →

Microsoft is proud to be recognized as a Leader in The Forrester Wave™: Zero Trust Platform Providers, Q3 2023 report. The post Forrester names Microsoft a Leader in the 2023 Zero Trust Platform Providers Wave™ report appeared first on Microsoft…

Read more →

Microsoft is proud to be recognized as a Leader in The Forrester Wave™: Zero Trust Platform Providers, Q3 2023 report. The post Forrester names Microsoft a Leader in the 2023 Zero Trust Platform Providers Wave™ report appeared first on Microsoft…

Read more →

Microsoft is proud to be recognized as a Leader in The Forrester Wave™: Zero Trust Platform Providers, Q3 2023 report. The post Forrester names Microsoft a Leader in the 2023 Zero Trust Platform Providers Wave™ report appeared first on Microsoft…

Read more →

Microsoft is proud to be recognized as a Leader in The Forrester Wave™: Zero Trust Platform Providers, Q3 2023 report. The post Forrester names Microsoft a Leader in the 2023 Zero Trust Platform Providers Wave™ report appeared first on Microsoft…

Read more →

​For the fifth consecutive year, Microsoft 365 Defender demonstrated leading extended detection and response (XDR) capabilities in the independent MITRE Engenuity ATT&CK® Evaluations: Enterprise. The attack used during the test highlights the importance of a unified XDR platform and showcases…

Read more →

Microsoft is proud to be recognized as a Leader in The Forrester Wave™: Zero Trust Platform Providers, Q3 2023 report. The post Forrester names Microsoft a Leader in the 2023 Zero Trust Platform Providers Wave™ report appeared first on Microsoft…

Read more →

Microsoft is proud to be recognized as a Leader in The Forrester Wave™: Zero Trust Platform Providers, Q3 2023 report. The post Forrester names Microsoft a Leader in the 2023 Zero Trust Platform Providers Wave™ report appeared first on Microsoft…

Read more →

Microsoft is proud to be recognized as a Leader in The Forrester Wave™: Zero Trust Platform Providers, Q3 2023 report. The post Forrester names Microsoft a Leader in the 2023 Zero Trust Platform Providers Wave™ report appeared first on Microsoft…

Read more →

Microsoft is proud to be recognized as a Leader in The Forrester Wave™: Zero Trust Platform Providers, Q3 2023 report. The post Forrester names Microsoft a Leader in the 2023 Zero Trust Platform Providers Wave™ report appeared first on Microsoft…

Read more →

Since February 2023, Microsoft has observed a high volume of password spray attacks attributed to Peach Sandstorm, an Iranian nation-state group. In a small number of cases, Peach Sandstorm successfully authenticated to an account and used a combination of publicly…

Read more →

A set of memory corruption vulnerabilities in the ncurses library could have allowed attackers to chain the vulnerabilities to elevate privileges and run code in the targeted program’s context or perform other malicious actions. The post Uncursing the ncurses: Memory…

Read more →

The threat actor that Microsoft tracks as Storm-0324 is a financially motivated group known to gain initial access using email-based initial infection vectors and then hand off access to compromised networks to other threat actors. These handoffs frequently lead to…

Read more →

We’re announcing the release of a second version of our threat matrix for storage services, a structured tool that assists in identifying and analyzing potential security threats on data stored in cloud storage services. The post Cloud storage security: What’s…

Read more →

As the world becomes more data-driven and the privacy landscape continues to evolve, the need to take a proactive privacy approach increases. Here’s how Microsoft Priva can help. The post Navigating privacy in a data-driven world with Microsoft Priva appeared…

Read more →

China-based actor Flax Typhoon is exploiting known vulnerabilities for public-facing servers, legitimate VPN software, and open-source malware to gain access to Taiwanese organizations, but not taking further action. The post Flax Typhoon using legitimate software to quietly access Taiwanese organizations…

Read more →

Microsoft Incident Response is a global team comprised of cybersecurity experts with deep, highly specialized knowledge in breach detection, response, and recovery. The post How the Microsoft Incident Response team helps customers remediate threats appeared first on Microsoft Security Blog.…

Read more →

Microsoft researchers identified multiple high-severity vulnerabilities in the CODESYS V3 SDK that could put operational technology (OT) infrastructure at risk of attacks, such as remote code execution (RCE) and denial of service (DoS). The post Multiple high severity vulnerabilities in…

Read more →

Gain greater visibility into your multicloud environments to better understand your security posture, minimize risk, and detect and respond to threats in real time. The post New Microsoft Security innovations expand multicloud visibility and enhance multiplatform protection appeared first on…

Read more →

As IT environments become more complex and multilayered to combat cybersecurity attacks, authentication processes for applications, operating systems, and workplace locations are increasingly managed in silos. Axiad Cloud and Microsoft Entra ID help to strengthen security perimeters by provisioning and…

Read more →

Microsoft Defender is our toolset for prevention and mitigation of data exfiltration and ransomware attacks. Microsoft Purview data security offers important mitigations as well and should be used as part of a defense-in-depth strategy. The post Microsoft Purview data security…

Read more →

We’re sharing best practices from our team so others can benefit from Microsoft’s learnings. These best practices can help security teams proactively hunt for failures in AI systems, define a defense-in-depth approach, and create a plan to evolve and grow…

Read more →

Microsoft is invested in helping partners create Internet of Things solutions with strong security products that support the March 2023 United States National Cybersecurity Strategy. The post Adopting guidance from the US National Cybersecurity Strategy to secure the Internet of…

Read more →

Today we released the fifth edition of Cyber Signals spotlighting threats to large sporting events, based on our learnings and telemetry from delivering cybersecurity support to critical infrastructure facilities during the State of Qatar’s hosting of the FIFA World Cup…

Read more →

Microsoft Threat Intelligence has identified highly targeted social engineering attacks using credential theft phishing lures sent as Microsoft Teams chats by the threat actor that Microsoft tracks as Midnight Blizzard (previously tracked as NOBELIUM). The post Midnight Blizzard conducts targeted…

Read more →

In Q1 2023 Q1, Microsoft was once again part of an evaluation of email security platforms conducted by SE Labs. We are thrilled to announce that Microsoft Defender for Office 365 has once again received an AAA Protection Award, the…

Read more →

Learn more about the sessions, product demos, and special events presented by Microsoft at Black Hat 2023. The post How to connect with Microsoft Security at Black Hat USA 2023 appeared first on Microsoft Security Blog. This article has been…

Read more →

Jayson Street of Truesec talks about security awareness training and building a foundation of cybersecurity. The post How to build stronger security teams appeared first on Microsoft Security Blog. This article has been indexed from Microsoft Security Blog Read the…

Read more →

Cloud cryptojacking, a type of cyberattack that uses computing power to mine cryptocurrency, could result in financial loss to targeted organizations due to the compute fees that can be incurred from the abuse. The post Cryptojacking: Understanding and defending against…

Read more →

Take a closer look at how Microsoft Defender Experts for XDR works, and how it complements the power of the Microsoft 365 Defender suite. The post Microsoft Defender Experts for XDR helps triage, investigate, and respond to cyberthreats appeared first…

Read more →

Microsoft introduces new capabilities in Microsoft Entra ID and Microsoft Purview that support CMMC compliance while also helping Defense Industrial Base organizations accelerate their Zero Trust journeys. The post New Microsoft identity and data security capabilities to accelerate CMMC compliance…

Read more →

Microsoft Inspire is an incredible opportunity to share all the ways AI can support security efforts with our partner ecosystem. Register to hear strategies to prepare your organization for AI with comprehensive security and security posture. The post Microsoft Inspire:…

Read more →

Today we are expanding Microsoft’s cloud logging accessibility and flexibility even further. Over the coming months, we will include access to wider cloud security logs for our worldwide customers at no additional cost. The post ​​Expanding cloud logging to give…

Read more →

Analysis of the techniques used by the threat actor tracked as Storm-0558 for obtaining unauthorized access to email data, tools, and unique infrastructure characteristics.  The post Analysis of Storm-0558 techniques for unauthorized email access appeared first on Microsoft Security Blog.…

Read more →

Microsoft has identified a phishing campaign conducted by the threat actor tracked as Storm-0978 targeting defense and government entities in Europe and North America. The campaign involved the abuse of CVE-2023-36884, which included a zero-day remote code execution vulnerability exploited…

Read more →

Microsoft Entra is unifying identity and network access with a new Security Service Edge (SSE) solution and more identity innovations. The post Microsoft Entra expands into Security Service Edge and Azure AD becomes Microsoft Entra ID appeared first on Microsoft…

Read more →

Microsoft is excited to announce the general availability of Microsoft Defender Experts for XDR, a first-party MXDR offering that gives security teams air cover with end-to-end protection and expertise. The post Meet unprecedented security challenges by leveraging MXDR services appeared…

Read more →

Today, we are proud to share that Microsoft is ranked number one in market share in the IDC Worldwide Corporate Endpoint Security Market Shares report, 2022. More customers choose and trust Microsoft Defender for Endpoint and Microsoft Defender for Business…

Read more →

In a recent investigation by Microsoft Incident Response of a BlackByte 2.0 ransomware attack, we found that the threat actor progressed through the full attack chain, from initial access to impact, in less than five days, causing significant business disruption…

Read more →

This blog explores the importance and best practices for securing data in the cloud. It discusses concepts such as authentication, zero trust, and encryption, among others. The post 11 best practices for securing data in cloud services appeared first on…

Read more →

The Microsoft Incident Response team takes swift action to help contain a ransomware attack and regain positive administrative control of the customer environment. The post Patch me if you can: Cyberattack Series appeared first on Microsoft Security Blog. This article…

Read more →

ramsac Founder and Managing Director Rob May shares insights on how automation can support SecOps and how to protect against phishing attacks. The post How automation is evolving SecOps—and the real cost of cybercrime appeared first on Microsoft Security Blog.…

Read more →

With the skills gap in cybersecurity professionals, Microsoft is helping attract new generations of diversified talent to the field, including leading discussions at the 2023 NICE Conference. The post Microsoft at NICE Conference: Resetting expectations and enabling diversity in the…

Read more →

With the coming wave of AI, this is precisely the time for organizations to prepare for the future. To be properly ready for AI, Zero Trust principles take on new meaning and scope. The right endpoint management strategy can help…

Read more →

Microsoft has uncovered an attack leveraging custom and open-source tools to target internet-facing IoT devices and Linux-based systems. The attack involves deploying a patched version of OpenSSH on affected devices to allow root login and the hijack of SSH credentials.…

Read more →

Learn how to manage multicloud security risk with Microsoft’s native multicloud protection for three of the industry’s main cloud platforms. The post Expanding horizons—Microsoft Security’s continued commitment to multicloud appeared first on Microsoft Security Blog. This article has been indexed…

Read more →

The frequency and impact of zero-day vulnerabilities have witnessed a substantial increase over the years. Attackers frequently exploit either unknown or unpatched vulnerabilities. That’s why we are thrilled to announce the preview of Win32 app isolation. The post Public preview:…

Read more →

Microsoft attributes several campaigns to a distinct Russian state-sponsored threat actor tracked as Cadet Blizzard (DEV-0586), including the WhisperGate destructive attack, Ukrainian website defacements, and the hack-and-leak front “Free Civilian”. The post Cadet Blizzard emerges as a novel and distinct…

Read more →

Microsoft Defender for Office 365 is recognized as a Leader in Forrester’s 2023 Enterprise Email Security Wave Report. The post Forrester names Microsoft a Leader in the 2023 Enterprise Email Security Wave appeared first on Microsoft Security Blog. This article…

Read more →

Cloud development challenges conventional thinking about risk. Sonrai integrates with Microsoft Sentinel to monitor threats across vectors and automate responses by leveraging security orchestration, automation, and response playbooks, and Microsoft Defender for Cloud to provide visibility across the entire digital…

Read more →

Microsoft Defender Experts observed a multi-stage adversary-in-the-middle (AiTM) and business email compromise (BEC) attack targeting banking and financial services organizations over two days. This attack originated from a compromised trusted vendor, involved AiTM and BEC attacks across multiple supplier/partner organizations…

Read more →

Join us at the digital event Reimagine secure access with Microsoft Entra to explore how to make identity your first line of defense and to hear about innovative products. The post Join our digital event to learn what’s new in…

Read more →

Matt Suiche of Magnet Forensics talks about top security threats for organizations and strategies for effective incident response. The post Why a proactive detection and incident response plan is crucial for your organization appeared first on Microsoft Security Blog. This…

Read more →

Identity-based attacks are on the rise, making identity protection more important than ever. Explore our blog post to learn how Microsoft’s Identity Threat Detection and Response can help. The post XDR meets IAM: Comprehensive identity threat detection and response with…

Read more →

A new vulnerability, which we refer to as “Migraine”, could allow an attacker with root access to bypass System Integrity Protection (SIP) in macOS and perform arbitrary operations on a device. The post New macOS vulnerability, Migraine, could bypass System…

Read more →

Chinese state-sponsored actor Volt Typhoon is using stealthy techniques to target US critical infrastructure, conduct espionage, and dwell in compromised environments. The post Volt Typhoon targets US critical infrastructure with living-off-the-land techniques appeared first on Microsoft Security Blog. This article…

Read more →

Microsoft Build 2023 is the place to discover new features and technologies, share ideas, and boost your skills. Learn about the new identity and compliance features we’re announcing. The post Microsoft Build 2023: Announcing new identity, compliance, and security features…

Read more →

Business email operators seek to exploit the daily sea of email traffic to lure victims into providing financial and other sensitive business information. The post Cyber Signals: Shifting tactics fuel surge in business email compromise appeared first on Microsoft Security…

Read more →

At RSA Conference April 24 to 26, 2023, Microsoft Security shared solution news and insights. Watch Vasu Jakkal’s keynote on-demand (video courtesy of RSA conference). The post Microsoft Security highlights from RSA Conference 2023 appeared first on Microsoft Security Blog.…

Read more →

Learn how guessing, replay, phishing, and multifactor authentication fatigue attacks demonstrate the ongoing vulnerability of passwords, and why going passwordless makes your organization more secure while improving user experience. The post How Microsoft can help you go passwordless this World…

Read more →

Forrester recognizes Microsoft’s strong vision and significant investments in Infrastructure-as-a-Service Platform Native Security offerings. The post Forrester names Microsoft a Leader in 2023 Infrastructure-as-a-Service Platform Native Security report appeared first on Microsoft Security Blog. This article has been indexed from…

Read more →

Tanya Janca, Founder and Chief Executive Officer of We Hack Purple, shares insights on application security and offers strategies to protect against data loss from ransomware attacks. The post Why you should practice rollbacks to prevent data loss in a…

Read more →

This is the second in an ongoing series exploring some of the most notable cases of the Microsoft Incident Response Team. In this story, we’ll explore how organizations can adopt a defense-in-depth security posture to help protect against credential breaches…

Read more →

At the fourth annual Microsoft Security Excellence Awards, we recognized outstanding contributions from Microsoft Intelligent Security Association (MISA) members and celebrated the next generation of security defenders. See all the finalists and winners. The post Microsoft announces the 2023 Microsoft…

Read more →

Learn how to secure data and identities and meet compliance requirements with a comprehensive Zero Trust approach. The post Stay compliant and protect sensitive data with Zero Trust security appeared first on Microsoft Security Blog. This article has been indexed…

Read more →

Learn how Cloud Data Management Capabilities (CDMC) certification can build trust with your customers and provide a standard for data governance and controls for managing sensitive data at scale. The post Getting started with the CDMC framework—Microsoft’s guide to cloud…

Read more →

Learn why Microsoft Entra delivers 240-percent ROI—get key benefits and real-world learnings from adopters across the financial, high-tech, and manufacturing sectors. The post Microsoft Entra delivers 240 percent ROI, according to new Forrester study appeared first on Microsoft Security Blog.…

Read more →

Do you feel like your endpoint management set-up is too complex? This step-by-step guide will help you create a vision and set you on the path to simpler endpoint management. The post Simplified endpoint management with Microsoft Intune Suite: Adopting…

Read more →

Today, Microsoft is reporting on a distinct subset of Mint Sandstorm (formerly known as PHOSPHORUS), an Iranian threat actor that specializes in hacking into and stealing sensitive information from high-value targets. This subset is technically and operationally mature, capable of…

Read more →

Microsoft is excited to announce that we are shifting to a new threat actor naming taxonomy aligned to the theme of weather. The complexity, scale, and volume of threats is increasing, driving the need to reimagine not only how Microsoft…

Read more →

Learn how to secure sensitive information within your global supply chain with Netwoven Govern 365 and Microsoft Purview Information Protection. The post Protect intellectual property with Govern 365 and Microsoft Purview appeared first on Microsoft Security Blog. This article has…

Read more →

Microsoft Secure on March 28, 2023, was a major success, thanks to more than 51,000 virtual attendees. It’s not too late to watch a session you missed. Watch on-demand. The post See product news and on-demand sessions from Microsoft Secure…

Read more →

With U.S. Tax Day approaching, Microsoft has observed phishing attacks targeting accounting and tax return preparation firms to deliver the Remcos RAT and compromise target networks. The post Threat actors strive to cause Tax Day headaches appeared first on Microsoft…

Read more →

The Microsoft Supply Chain Platform was just launched to help companies protect their supply chains against cyber threats. The post Improve supply chain security and resiliency with Microsoft   appeared first on Microsoft Security Blog. This article has been indexed…

Read more →

LinkedIn members can use a Microsoft Entra Verified ID credential issued from their organization to verify their workplace on their public profile and add instant credibility, increasing trust and confidence in interactions. The post LinkedIn and Microsoft Entra introduce a…

Read more →

This guide provides steps that organizations can take to assess whether users have been targeted or compromised by threat actors exploiting CVE-2022-21894 via a Unified Extensible Firmware Interface (UEFI) bootkit called BlackLotus. The post Guidance for investigating attacks using CVE-2022-21894:…

Read more →

Microsoft analyzes a threat group tracked as DEV-0196, the actor’s iOS malware “KingsPawn”, and their link to an Israel-based private sector offensive actor (PSOA) known as QuaDream, which reportedly sells a suite of exploits, malware, and infrastructure called REIGN, that’s…

Read more →

Microsoft detected a unique operation where threat actors carried out destructive actions in both on-premises and cloud environments. The post MERCURY and DEV-1084: Destructive attack on hybrid environment appeared first on Microsoft Security Blog. This article has been indexed from…

Read more →

In this blog, we discuss threats we face in our DevOps environment, introducing our new threat matrix for DevOps. Using this matrix, we show the different techniques an adversary might use to attack an organization from the initial access phase…

Read more →

Secure your organization’s digital estate through a comprehensive Zero Trust approach. The post Secure hybrid and remote workplaces with a Zero Trust approach appeared first on Microsoft Security Blog. This article has been indexed from Microsoft Security Blog Read the…

Read more →