This article has been indexed from Microsoft Security Blog Head of Mandiant Intelligence at FireEye Sandra Joyce talks with Microsoft’s Ann Johnson about the cybersecurity threats to US elections and how to fight them. The post Afternoon Cyber Tea: Learn…
Tag: Microsoft Security Blog
Combat attacks with security solutions from Trustwave and Microsoft
This article has been indexed from Microsoft Security Blog Cyberattacks and ransomware demands are on the rise. Microsoft security solutions and managed security service providers help organizations enable a proactive cybersecurity approach. The post Combat attacks with security solutions from…
Why diversity is important for a strong cybersecurity team
This article has been indexed from Microsoft Security Blog LinkedIn Chief Information Security Officer Geoff Belknap talks with Microsoft’s Bret Arsenault about recruiting cybersecurity talent and solving the skills gap. The post Why diversity is important for a strong cybersecurity…
3 steps to prevent and recover from ransomware
This article has been indexed from Microsoft Security Blog Learn real-world steps for protecting against the latest ransomware and other malicious cyberattacks. The post 3 steps to prevent and recover from ransomware appeared first on Microsoft Security Blog. Read the…
A deep-dive into the SolarWinds Serv-U SSH vulnerability
This article has been indexed from Microsoft Security Blog We’re sharing technical information about the vulnerability tracked as CVE-2021-35211, which was used to attack the SolarWinds Serv-U FTP software in limited and targeted attacks. The post A deep-dive into the…
Get free DMARC visibility with Valimail Authenticate and Microsoft Office 365
This article has been indexed from Microsoft Security Blog Phishing and email spoofing not only erode brand trust, but they also leave recipients vulnerable to financial loss and serious invasions of privacy. The post Get free DMARC visibility with Valimail…
Microsoft a Leader in 2021 Gartner® Magic Quadrant™ for Unified Endpoint Management Tools
This article has been indexed from Microsoft Security Blog Adapting to the evolving business landscape, organizations increasingly depend on Microsoft Endpoint Manager to enable hybrid work—where the endpoint is the new workplace. The post Microsoft a Leader in 2021 Gartner®…
How to prepare for CMMC compliance as a defense industrial base supplier using the Microsoft cloud
This article has been indexed from Microsoft Security Blog DoD and DIB suppliers—see how Microsoft can give your business a competitive edge toward CMMC compliance. The post How to prepare for CMMC compliance as a defense industrial base supplier using…
Widespread credential phishing campaign abuses open redirector links
This article has been indexed from Microsoft Security Blog Microsoft has been actively tracking a widespread credential phishing campaign using open redirector links, which allow attackers to use a URL in a trusted domain and embed the eventual final malicious…
Cybersecurity’s next fight: How to protect employees from online harassment
This article has been indexed from Microsoft Security Blog Tall Poppy CEO and Co-founder Leigh Honeywell talks with Microsoft about how companies can support employees who have been targeted for online harassment. The post Cybersecurity’s next fight: How to protect…
How Vodafone Global Security Director creates an inclusive and secure workplace
This article has been indexed from Microsoft Security Blog Vodafone Global Cybersecurity Director Emma Smith talks about leading an inclusive workplace and shares security strategies—like how to get rid of passwords. The post How Vodafone Global Security Director creates an…
How to proactively defend against Mozi IoT botnet
This article has been indexed from Microsoft Security Blog Mozi is a peer-to-peer (P2P) botnet that uses a BitTorrent-like network to infect IoT devices such as network gateways and digital video recorders (DVRs). It works by exploiting weak telnet passwords…
Automating security assessments using Cloud Katana
This article has been indexed from Microsoft Security Blog Today, we are open-sourcing Cloud Katana, a cloud-native tool under development, to automate simulation steps on-demand in multi-cloud and hybrid cloud environments. This tool is an event-driven, serverless compute application built…
Migrating content from traditional SIEMs to Azure Sentinel
This article has been indexed from Microsoft Security Blog Get tips on migrating data and detections from your on-premises SIEM to Azure Sentinel, including how to streamline tasks using automation. The post Migrating content from traditional SIEMs to Azure Sentinel…
Trend-spotting email techniques: How modern phishing emails hide in plain sight
This article has been indexed from Microsoft Security Blog By spotting trends in the techniques used by attackers in phishing attacks, we can swiftly respond to attacks and use the knowledge to improve customer security and build comprehensive protections through…
Microsoft and NIST collaborate on EO to drive Zero Trust adoption
This article has been indexed from Microsoft Security Blog Learn how Microsoft is helping federal agencies to implement standards-based cybersecurity technologies such as NIST and Zero Trust in the real world. The post Microsoft and NIST collaborate on EO to…
Attackers use Morse code, other encryption methods in evasive phishing campaign
This article has been indexed from Microsoft Security Blog During our year-long investigation of a targeted, invoice-themed XLS.HTML phishing campaign, attackers changed obfuscation and encryption mechanisms every 37 days on average, demonstrating high motivation and skill to constantly evade detection…
7 ways to harden your environment against compromise
This article has been indexed from Microsoft Security Blog Here at the global Microsoft Compromise Recovery Security Practice (CRSP), we work with customers who have experienced disruptive security incidents to restore trust in identity systems and remove adversary control. During…
How security can keep media and sources safe
This article has been indexed from Microsoft Security Blog In the latest Voice of the Community blog series post, Microsoft Product Marketing Manager Natalia Godyla talks with Runa Sandvik, an expert on journalistic security and the former Senior Director of Information…
Sharing the first SimuLand dataset to expedite research and learn about adversary tradecraft
This article has been indexed from Microsoft Security Blog Last month, we introduced the SimuLand project to help security researchers around the world deploy lab environments to reproduce well-known attack scenarios, actively test detections, and learn more about the underlying…
Spotting brand impersonation with Swin transformers and Siamese neural networks
This article has been indexed from Microsoft Security Blog Our security solutions use multiple detection and prevention techniques to help users avoid divulging sensitive information to phishers as attackers continue refining their impersonation tricks. In this blog, we discuss our…
How to manage a side-by-side transition from your traditional SIEM to Azure Sentinel
This article has been indexed from Microsoft Security Blog Learn whether a transitional or long-term side-by-side deployment can best serve your migration to Microsoft’s cloud-native SIEM. The post How to manage a side-by-side transition from your traditional SIEM to Azure…
When coin miners evolve, Part 2: Hunting down LemonDuck and LemonCat attacks
This article has been indexed from Microsoft Security Blog LemonDuck is an actively updated and robust malware primarily known for its botnet and cryptocurrency mining objectives. Today, beyond using resources for its traditional bot and mining activities, LemonDuck steals credentials,…
Microsoft at Black Hat 2021: Sessions, bug bounty updates, product news, and more
This article has been indexed from Microsoft Security Blog Get previews of Microsoft’s latest security solutions, information on virtual sessions, and more for Black Hat 2021. The post Microsoft at Black Hat 2021: Sessions, bug bounty updates, product news, and…
Attack AI systems in Machine Learning Evasion Competition
This article has been indexed from Microsoft Security Blog Today, we are launching MLSEC.IO, a new machine learning security evasion competition as an educational effort for the AI and security communities to exercise their muscle to attack critical AI systems…
BazaCall: Phony call centers lead to exfiltration and ransomware
This article has been indexed from Microsoft Security Blog Our continued investigation into BazaCall campaigns, those that use fraudulent call centers that trick unsuspecting users into downloading the BazaLoader malware, shows that this threat is more dangerous than what’s been…
Zero Trust Adoption Report: How does your organization compare?
This article has been indexed from Microsoft Security Blog The last decade has been full of disruptions that have required organizations to adapt and accelerate their security transformation. As we look forward to the next major disruption—the move to hybrid…
Combing through the fuzz: Using fuzzy hashing and deep learning to counter malware detection evasion techniques
This article has been indexed from Microsoft Security Blog A new approach for malware classification combines deep learning with fuzzy hashing. Fuzzy hashes identify similarities among malicious files and a deep learning methodology inspired by natural language processing (NLP) better…
How to protect your CAD data files with MIP and HALOCAD
This article has been indexed from Microsoft Security Blog SECUDE has integrated their HALOCAD solution with Microsoft Information Protection SDK which extends the data protection beyond the organization’s IT perimeter. The post How to protect your CAD data files with…
A guide to balancing external threats and insider risk
This article has been indexed from Microsoft Security Blog Rockwell Automation Vice President and Chief Information Security Officer Dawn Cappelli talks about assessing, measuring, and protecting against insider risk. The post A guide to balancing external threats and insider risk…
When coin miners evolve, Part 1: Exposing LemonDuck and LemonCat, modern mining malware infrastructure
This article has been indexed from Microsoft Security Blog LemonDuck, an actively updated and robust malware that’s primarily known for its botnet and cryptocurrency mining objectives, adopted more sophisticated behavior and escalated its operations. Today, beyond using resources for its…
The evolution of a matrix: How ATT&CK for Containers was built
This article has been indexed from Microsoft Security Blog As containers become a major part of many organizations’ IT workloads, it becomes crucial to consider the unique security threats that target such environments when building security solutions. The first step…
Microsoft acquires CloudKnox Security to offer unified privileged access and cloud entitlement management
This article has been indexed from Microsoft Security Blog Today on the Official Microsoft Blog, Microsoft announced the acquisition of CloudKnox Security, a leader in Cloud Infrastructure Entitlement Management (CIEM). CloudKnox offers complete visibility into privileged access. The post Microsoft…
Protecting customers from a private-sector offensive actor using 0-day exploits and DevilsTongue malware
This article has been indexed from Microsoft Security Blog The Microsoft Threat Intelligence Center (MSTIC) alongside the Microsoft Security Response Center (MSRC) has uncovered a private-sector offensive actor, or PSOA, that we are calling SOURGUM in possession of now-patched, Windows…
Microsoft delivers comprehensive solution to battle rise in consent phishing emails
This article has been indexed from Microsoft Security Blog Microsoft threat analysts are tracking a continued increase in consent phishing emails, also called illicit consent grants, that abuse OAuth request links in an attempt to trick recipients into granting attacker-owned…
How Microsoft Security empowers partners to build customer trust
This article has been indexed from Microsoft Security Blog Our world is changing, and Microsoft Security is rising to the challenges of a new normal. Today, I want to share more about how we are empowering our partners to be…
MISA expands portfolio and looks ahead during Microsoft Inspire
This article has been indexed from Microsoft Security Blog MISA extends product portfolio, adds sessions for Microsoft Inspire, and more. The post MISA expands portfolio and looks ahead during Microsoft Inspire appeared first on Microsoft Security Blog. Read the original…
Microsoft discovers threat actor targeting SolarWinds Serv-U software with 0-day exploit
This article has been indexed from Microsoft Security Blog Microsoft has detected a 0-day remote code execution exploit being used to attack SolarWinds Serv-U FTP software in limited and targeted attacks. The Microsoft Threat Intelligence Center (MSTIC) attributes this campaign…
Microsoft to acquire RiskIQ to strengthen cybersecurity of digital transformation and hybrid work
This article has been indexed from Microsoft Security Blog Microsoft is announcing that we have entered into a definitive agreement to acquire RiskIQ, a leader in global threat intelligence and attack surface management, to help our shared customers build a…
Microsoft named a Visionary in the 2021 Gartner Magic Quadrant for SIEM for Azure Sentinel
This article has been indexed from Microsoft Security Blog We’re excited to announce that in its first year of inclusion in the Magic Quadrant report, Microsoft Azure Sentinel has been named a Visionary, where we were recognized for our completeness…
How to build a privacy program the right way
This article has been indexed from Microsoft Security Blog Asana Privacy Counsel Whitney Merrill, an expert on privacy legal issues, talks with Microsoft about best practices for building a privacy program. The post How to build a privacy program the…
Accessibility and usability for all in Azure Sentinel
This article has been indexed from Microsoft Security Blog Designing with accessibility in mind greatly expands the impact of Microsoft solutions. However, the impact of accessible design is even bigger than that. When we design for accessibility, everyone benefits. The…
Preparing for your migration from on-premises SIEM to Azure Sentinel
This article has been indexed from Microsoft Security Blog Learn how to plan and prepare for migration from a traditional on-premises SIEM to Microsoft’s cloud-native SIEM for intelligent security analytics at cloud scale. The post Preparing for your migration from…
Microsoft finds new NETGEAR firmware vulnerabilities that could lead to identity theft and full system compromise
This article has been indexed from Microsoft Security Blog We discovered vulnerabilities in NETGEAR DGN-2200v1 series routers that can compromise a network’s security—opening the gates for attackers to roam untethered through an entire organization. We shared our findings with NETGEAR…
The critical role of Zero Trust in securing our world
This article has been indexed from Microsoft Security Blog US Executive Order on Cybersecurity delivers valuable guidance for both public and private organizations to make the world safer for all. The post The critical role of Zero Trust in securing…
MITRE ATT&CK® mappings released for built-in Azure security controls
This article has been indexed from Microsoft Security Blog Microsoft is pleased to announce the publication of the Security Stack Mappings for Azure project in partnership with the Center for Threat-Informed Defense. The post MITRE ATT&CK® mappings released for built-in…
Encouraging women to embrace their cybersecurity superpowers
This article has been indexed from Microsoft Security Blog The cybersecurity challenges of today require a diversity of skills, perspectives, and experiences, yet women remain underrepresented in this field. Girl Security and Microsoft Security are forging a new fellowship around…
Windows 11 enables security by design from the chip to the cloud
This article has been indexed from Microsoft Security Blog Over the last year, PCs have kept us connected to family, friends, and enabled businesses to continue to run. This new hybrid work paradigm has got us thinking about how we…
Strategies, tools, and frameworks for building an effective threat intelligence team
This article has been indexed from Microsoft Security Blog Red Canary Director of Intelligence Katie Nickels shares her thoughts on strategies, tools, and frameworks to build an effective threat intelligence team. The post Strategies, tools, and frameworks for building an…
Afternoon Cyber Tea: Microsoft’s cybersecurity response to COVID-19
This article has been indexed from Microsoft Security Blog Microsoft Chief Information Security Officer Bret Arsenault discusses Microsoft’s response to COVID-19 and the new cybersecurity threats that have emerged. The post Afternoon Cyber Tea: Microsoft’s cybersecurity response to COVID-19 appeared…