10 matches found
Top 10 actions to build agents securely with Microsoft Copilot Studio
Organizations are rapidly adopting Copilot Studio agents, but threat actors are equally fast at exploiting misconfigured AI workflows. Mis-sharing, unsafe orchestration, and weak authentication create new identity and data‑access paths that traditional controls don’t monitor. As AI agents become...
Elevate Cyber Defense with Qualys Advanced Hunting
Introduction In today’s cyber threat landscape, proactive approaches such as threat hunting have become key in any organization’s defense strategy, identifying and tackling threats before they become an incident. That is why Qualys is delighted to introduce Advanced Hunting , our threat-hunting...
BEC-ware the phish (part 1). Investigating incidents in M365
TL;DR Review the key artefacts to ensure the best possible telemetry is available in the case of a Business Email Compromise BEC. Keep an eye on data retention, where necessary export or forward data for investigations longer than 30 days. Verify and enable Unified Audit Logging, its free and giv...
Guidance for preventing, detecting, and hunting for exploitation of the Log4j 2 vulnerability
January 10, 2022 recap – The Log4j vulnerabilities represent a complex and high-risk situation for companies across the globe. This open-source component is widely used across many suppliers’ software and services. By nature of Log4j being a component, the vulnerabilities affect not only...
A closer look at Qakbot’s latest building blocks (and how to knock them down)
Multiple Qakbot campaigns that are active at any given time prove that the decade-old malware continues to be many attackers’ tool of choice, a customizable chameleon that adapts to suit the needs of the multiple threat actor groups that utilize it. Since emerging in 2007 as a banking Trojan,...
Email Campaign Spreads StrRAT Fake-Ransomware RAT
An email campaign is delivering a Java-based remote access trojan RAT that can not only steal credentials and take control of systems, but also presents as fake ransomware, Microsoft researchers have discovered. The Microsoft Security Intelligence MSI team has outlined details of a “massive email...
Microsoft Defender for Endpoint now supports Windows 10 on Arm devices
Today, we are excited to announce that Microsoft Defender for Endpoint support of Windows 10 on Arm devices is generally available. This expanded support is part of our continued efforts to extend Microsoft Defender for Endpoint capabilities across all the endpoints defenders need to secure. Arm...
Collaborative innovation on display in Microsoft’s insider risk management strategy
The disrupted work environment, in which enterprises were forced to find new ways to enable their workforce to work remotely, changed the landscape for operations as well as security. One of the top areas of concern is managing insider risks, a complex undertaking even before the pandemic, and ev...
Collaborative innovation on display in Microsoft’s insider risk management strategy
The disrupted work environment, in which enterprises were forced to find new ways to enable their workforce to work remotely, changed the landscape for operations as well as security. One of the top areas of concern is managing insider risks, a complex undertaking even before the pandemic, and ev...
UEFI scanner brings Microsoft Defender ATP protection to a new level
Microsoft Defender Advanced Threat Protection Microsoft Defender ATP is extending its protection capabilities to the firmware level with a new Unified Extensible Firmware Interface UEFI scanner. Hardware and firmware-level attacks have continued to rise in recent years, as modern security solutio...