Vulnerability fixed in SonicWall Hosted Email Security

SonicWall has fixed a vulnerability in Hosted Email Security. An unauthenticated malicious person could exploit it to bypass the Capture ATP service, thereby bypass the functionality of the product. SonicWall has released updates to fix the vulnerability in Hosted Email Security 10.0.18.7423. For...

4 Key Questions for Zero-Trust Success

Historically, securing remote access was primarily done using VPNs. However, as enterprises have begun to understand the principles of zero trust, which states that no user may access any data source without first being authenticated, VPNs are proving to be insufficient. The demand for secure...

Azure SQL Database Security: 9 Features You Should Know

Databases are where organizations hold their “crown jewels” – their data. If you’re running or looking to run SQL on Azure, Azure provides security for the physical, logical, and data layers of services. Basic Azure SQL database security can be enabled using a variety of native security features...

Dent - A Framework For Creating COM-based Bypasses Utilizing Vulnerabilities In Microsoft's WDAPT Sensors

More Information If you want to learn more about the techniques utlized in this framework please take a look at this article. Description This framework generates code to exploit vulnerabilties in Microsoft Defender Advanced Threat Protection's Attack Surface Reduction ASR rules to execute...

Meet critical infrastructure security compliance requirements with Microsoft 365

Critical infrastructure operators face a hostile cyber threat environment and a complex compliance landscape. Every operator of an industrial control system also operates an IT network to service its productivity needs. A supervisory control and data acquisition SCADA system operator of a power...

80% of Global Enterprises Report Firmware Cyberattacks

Attacks against firmware are snowballing, outstripping many organizations’ cyber-defenses, according to a survey from Microsoft. The report showed that more than 80 percent of enterprises have experienced at least one firmware attack in the past two years – but only 29 percent of security budgets...

Spearphishing Attack Spoofs Microsoft.com to Target 200M Office 365 Users

A spearphishing attack is spoofing Microsoft.com to target 200 million Microsoft Office 365 users in a number of key vertical markets, including financial services, healthcare, manufacturing and utility providers. Researchers at Ironscales discovered the campaign targeting several thousand...

PSMDATP - PowerShell Module For Managing Microsoft Defender Advanced Threat Protection

Welcome to the Microsoft Defender Advanced Threat Protection PowerShell module! This module is a collection of easy-to-use cmdlets and functions designed to make it easy to interface with the Microsoft Defender Advanced Threat Protection API. Motivation I created this PowerShell module for MDATP...

Microsoft Intelligent Security Association expands to include managed security service providers

We’d planned a splashy party at Microsoft Inspire to announce our newest Microsoft Intelligent Security Association MISA members and introduce them to association members, but given our world today, I am instead picturing you reading this announcement curled up in a chair with a cup of coffee...

Download Guide: Advanced Threat Protection Beyond the AV

At a certain point, almost every organization reaches the conclusion that there is a need to move past just the standard AV and firewall stack in order to soundly protect their environment. The common practice in recent years is to gain extra protection through implementing either EDR\EPP solutio...

Download Guide — Advanced Threat Protection Beyond the AV

At a certain point, almost every organization reaches the conclusion that there is a need to move past just the standard AV and firewall stack in order to soundly protect their environment. The common practice in recent years is to gain extra protection through implementing either EDR\EPP solutio...

Building on secure productivity

Among the most common and powerful attack vectors we have seen are those that exploit the daily tradeoff users make between security and productivity. Often, this can be as simple as a document hiding an exploit or a malicious link. As an industry, we’re used to thinking of security and...

Download: The State of Security Breach Protection 2020 Survey Results

What are the key considerations security decision-makers should take into account when designing their 2020 breach protection? To answer this, we polled 1,536 cybersecurity professionals in The State of Breach Protection 2020 survey Download the full survey here to understand the common practices...

Gartner names Microsoft a Leader in the 2019 Cloud Access Security Broker (CASB) Magic Quadrant

In Gartner’s third annual Magic Quadrant for Cloud Access Security Brokers CASB, Microsoft was named a Leader based on its completeness of vision and ability to execute in the CASB market. Microsoft was also identified as strongest in execution. Gartner led the industry when they defined the term...

The evolution of Microsoft Threat Protection, April update

Microsoft Threat Protection continues to energize the threat protection market with our most recent announcements. Customers are excited about the launch of Microsoft Defender Advanced Threat Protection ATP, which extends Microsoft’s best in class endpoint security to Mac and adds powerful new...

Step 8. Protect your documents and email: top 10 actions to secure your environment

The “Top 10 actions to secure your environment” series outlines fundamental steps you can take with your investment in Microsoft 365 security solutions. In “Step 8. Protect your documents and email,” you’ll learn how to deploy Azure Information Protection and use Office 365 Advanced Threat...

Announcing new capabilities for the Microsoft Azure Security Center

Microsoft Azure Security Center—the central hub for monitoring and protecting against related incidents within Azure—has released new capabilities. The following features—announced at Hannover Messe 2019—are now generally available for the Azure Security Center: Advanced Threat Protection for Azu...

Analysis of cyberattack on U.S. think tanks, non-profits, public sector by unidentified attackers

Reuters recently reported a hacking campaign focused on a wide range of targets across the globe. In the days leading to the Reuters publication, Microsoft researchers were closely tracking the same campaign. Our sensors revealed that the campaign primarily targeted public sector institutions and...

The evolution of Microsoft Threat Protection, November update

At Ignite 2018, we announced Microsoft Threat Protection, a comprehensive, integrated solution securing the modern workplace across identities, endpoints, user data, cloud apps, and, infrastructure Figure 1. The foundation of the solution is the Microsoft Intelligent Security Graph, which...

Partner Perspectives: Protecting Against Fileless Malware with BluVector and Carbon Black

Josh Rosenthol is the Alliance and Integration Manager for BluVector. The Challenge of Fileless Malware “The infectiousness of crime is like that of the plague.” -Napoleon Bonaparte While first spoken over 200 years ago, this quote is remarkably relevant to the modus operandi of malware authors a...