Tag: Microsoft Security

Microsoft acquires ReFirm Labs to enhance IoT security

This article has been indexed from Microsoft Security Modern computing devices can be thought of as a collection of discrete microprocessors each with a dedicated function like high-speed networking, graphics, Disk I/O, AI, and everything in between. The emergence of…

Understanding the threat landscape and risks of OT environments

This article has been indexed from Microsoft Security Industrial control systems security consultant Chris Sistrunk discusses operational technology security and the challenges and cybersecurity risks of OT systems. The post Understanding the threat landscape and risks of OT environments appeared…

Breaking down NOBELIUM’s latest early-stage toolset

This article has been indexed from Microsoft Security In this blog, we highlight four tools representing a unique infection chain utilized by NOBELIUM: EnvyScout, BoomBox, NativeZone, and VaporRage. These tools have been observed being used in the wild as early…

New sophisticated email-based attack from NOBELIUM

This article has been indexed from Microsoft Security Microsoft Threat Intelligence Center (MSTIC) has uncovered a wide-scale malicious email campaign operated by NOBELIUM, the threat actor behind the attacks against SolarWinds, the SUNBURST backdoor, TEARDROP malware, GoldMax malware, and other…

Resources for accelerating your Zero Trust journey

This article has been indexed from Microsoft Security Embracing Zero Trust is critical to protecting your organization and enabling productivity. Here are our top resources to help accelerate your adoption. The post Resources for accelerating your Zero Trust journey appeared…

Mitigate OT security threats with these best practices

This article has been indexed from Microsoft Security Chris Sistrunk, a Technical Manager in Mandiant’s ICS/OT Consulting practice, shares best practices to improve operational technology security. The post Mitigate OT security threats with these best practices appeared first on Microsoft…

AI security risk assessment using Counterfit

Read the original article: AI security risk assessment using Counterfit Counterfit is a command-line tool for security professionals to red team AI systems and systematically scans for vulnerabilities as part of AI risk assessment. The post AI security risk assessment…

Evolving beyond password complexity as an identity strategy

Read the original article: Evolving beyond password complexity as an identity strategy What’s the future of identity? Have I Been Pwned Founder Troy Hunt shares his insights with Microsoft as well as strategies for protecting identities. The post Evolving beyond…

CyberMDX and Microsoft: Protecting life-saving medical devices

Read the original article: CyberMDX and Microsoft: Protecting life-saving medical devices While hospitals continue to battle the COVID-19 pandemic, many are battling other “viruses” behind the scenes. The post CyberMDX and Microsoft: Protecting life-saving medical devices appeared first on Microsoft…

Secure unmanaged devices with Microsoft Defender for Endpoint now

Read the original article: Secure unmanaged devices with Microsoft Defender for Endpoint now New Microsoft Defender for Endpoint capabilities let organizations discover and secure unmanaged workstations, mobile devices, servers, and network devices. The post Secure unmanaged devices with Microsoft Defender…

Threat matrix for storage services

Read the original article: Threat matrix for storage services Storage services are one of the most popular services in the cloud. In this blog, we outline potential risks that you should be aware of when deploying, configuring, or monitoring your…

Threat matrix for storage

Read the original article: Threat matrix for storage Storage services are one of the most popular services in the cloud. In this blog, we outline potential risks that you should be aware of when deploying, configuring, or monitoring your storage…

Zero Trust: 7 adoption strategies from security leaders

Read the original article: Zero Trust: 7 adoption strategies from security leaders How can your organization move to a Zero Trust security model? Ten executive security leaders met virtually to share strategies that been effective for them. The post Zero…

How to build a successful application security program

Read the original article: How to build a successful application security program Tanya Janca, Founder of the We Hack Purple Academy, talks with Microsoft about how to build an application security program and measure its success. The post How to…

Securing our approach to domain fronting within Azure

Read the original article: Securing our approach to domain fronting within Azure Changes Microsoft is making in Azure to address challenges with domain fronting. The post Securing our approach to domain fronting within Azure appeared first on Microsoft Security.  …

The biggest challenges—and important role—of application security

Read the original article: The biggest challenges—and important role—of application security Tanya Janca, Founder of We Hack Purple Academy, talks with Microsoft about the biggest application security challenges and AppSec’s role in cybersecurity. The post The biggest challenges—and important role—of…

HAFNIUM targeting Exchange Servers with 0-day exploits

Read the original article: HAFNIUM targeting Exchange Servers with 0-day exploits Microsoft has detected multiple 0-day exploits being used to attack on-premises versions of Microsoft Exchange Server in limited and targeted attacks. In the attacks observed, threat actors used this…

Securing and governing data in a new hybrid work reality

Read the original article: Securing and governing data in a new hybrid work reality New Microsoft compliance capabilities enable you to extend data protection and governance across apps, endpoints, and platforms to keep your people collaborative and productive, while ensuring…

Securing Azure datacenters with continuous IoT/OT monitoring

Read the original article: Securing Azure datacenters with continuous IoT/OT monitoring Learn how Microsoft ensures operational resilience for Azure datacenters with Azure Defender for IOT and Azure Sentinel The post Securing Azure datacenters with continuous IoT/OT monitoring appeared first on…

What we like about Microsoft Defender for Endpoint

Read the original article: What we like about Microsoft Defender for Endpoint Microsoft Defender for Endpoint provides the right security intelligence for Expel to analyze rich data and provide support for their customers. The post What we like about Microsoft…

A playbook for modernizing security operations

Read the original article: A playbook for modernizing security operations What’s the future of security operations? Dave Kennedy, Founder of Binary Defense, shares his insights on threat hunting, incident response, and more with Microsoft. The post A playbook for modernizing…

Web shell attacks continue to rise

Read the original article: Web shell attacks continue to rise A year ago, we reported the steady increase in the use of web shells in attacks worldwide. The latest Microsoft 365 Defender data shows that this trend not only continued,…

Sophisticated cybersecurity threats demand collaborative, global response

Read the original article: Sophisticated cybersecurity threats demand collaborative, global response Since December, the United States, its government, and other critical institutions including security firms have been addressing the world’s latest serious nation-state cyberattack, sometimes referred to as ‘Solorigate’ or…

Modernizing your network security strategy

Read the original article: Modernizing your network security strategy From the global pandemic to recent cyberattacks, our world has faced many challenges during the past 12 months. Some of these challenges we can’t change. However, I’m pleased about the ones…

Recent enhancements for Microsoft Power Platform governance

Read the original article: Recent enhancements for Microsoft Power Platform governance An emerging trend in digital transformation efforts has been the rise of low-code development platforms. Of course, these low-code platforms must be grounded in best-of-breed governance capabilities which include…

ZINC attacks against security researchers

Read the original article: ZINC attacks against security researchers In recent months, Microsoft has detected cyberattacks targeting security researchers by an actor we track as ZINC. Observed targeting includes pen testers, private offensive security researchers, and employees at security and…