#StopRansomware: Cuba Ransomware

Summary Actions to take today to mitigate cyber threats from ransomware: • Prioritize remediating known exploited vulnerabilities. • Train users to recognize and report phishing attempts. • Enable and enforce phishing-resistant multifactor authentication. Note: This joint Cybersecurity Advisory C...

The Password Isn’t Dead Yet. You Need a Hardware Key

Any multifactor authentication adds protection, but a physical token is the best bet when it really counts...

Cybercrime (and Security) Predictions for 2023

Threat actors continue to adapt to the latest technologies, practices, and even data privacy laws—and it's up to organizations to stay one step ahead by implementing strong cybersecurity measures and programs. Here's a look at how cybercrime will evolve in 2023 and what you can do to secure and...

Keep Your Grinch at Bay: Here's How to Stay Safe Online this Holiday Season

As the holiday season approaches, online shopping and gift-giving are at the top of many people's to-do lists. But before you hit the "buy" button, it's important to remember that this time of year is also the peak season for cybercriminals. In fact, cybercriminals often ramp up their efforts...

Token tactics: How to prevent, detect, and respond to cloud token theft

As organizations increase their coverage of multifactor authentication MFA, threat actors have begun to move to more sophisticated techniques to allow them to compromise corporate resources without needing to satisfy MFA. Recently, the Microsoft Detection and Response Team DART has seen an increa...

Token tactics: How to prevent, detect, and respond to cloud token theft

As organizations increase their coverage of multifactor authentication MFA, threat actors have begun to move to more sophisticated techniques to allow them to compromise corporate resources without needing to satisfy MFA. Recently, the Microsoft Detection and Response Team DART has seen an increa...

Defeating Phishing-Resistant Multifactor Authentication

CISA is now pushing phishing-resistant multifactor authentication. Roger Grimes has an excellent post reminding everyone that "phishing-resistant" is not "phishing proof," and that everyone needs to stop pretending otherwise. His list of different attacks is particularly useful...

CISA Releases Guidance on Phishing-Resistant and Numbers Matching Multifactor Authentication 

CISA has released two fact sheets to highlight threats against accounts and systems using certain forms of multifactor authentication MFA. CISA strongly urges all organizations to implement phishing-resistant MFA to protect against phishing and other known cyber threats. If an organization using...

Discover Microsoft Security solutions for SLTT government grant readiness

As part of the Bipartisan Infrastructure Law, also known as the Infrastructure Investment and Jobs Act of 2021, the United States federal government announced a cybersecurity grant program for state, local, territorial, and tribal SLTT governments to fund allocation of USD1 billion over the next...

Discover Microsoft Security solutions for SLTT government grant readiness

As part of the Bipartisan Infrastructure Law, also known as the Infrastructure Investment and Jobs Act of 2021, the United States federal government announced a cybersecurity grant program for state, local, territorial, and tribal SLTT governments to fund allocation of USD1 billion over the next...

Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization

Summary Actions to Help Protect Against APT Cyber Activity: • Enforce multifactor authentication MFA on all user accounts. • Implement network segmentation to separate network segments based on role and functionality. • Update software, including operating systems, applications, and firmware, on...

IT Security Takeaways from the Wiseasy Hack

Last month Tech Crunch reported that payment terminal manufacturer Wiseasy had been hacked. Although Wiseasy might not be well known in North America, their Android-based payment terminals are widely used in the Asia Pacific region and hackers managed to steal passwords for 140,000 payment...

Iranian Islamic Revolutionary Guard Corps Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations

CISA, Federal Bureau of Investigation FBI, National Security Agency NSA, U.S. Cyber Command USCC - Cyber National Mission Force CNMF, Department of the Treasury, Australian Cyber Security Centre ACSC, Canadian Centre for Cyber Security CCCS, and United Kingdom’s National Cyber Security Centre NCS...

#StopRansomware: Vice Society

Note: This joint Cybersecurity Advisory CSA is part of an ongoing StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These StopRansomware advisories include recently and historically observed tactics, techniques,...

#StopRansomware: Vice Society

Summary Actions to take today to mitigate cyber threats from ransomware: • Prioritize and remediate known exploited vulnerabilities. • Train users to recognize and report phishing attempts. • Enable and enforce multifactor authentication. Note: This joint Cybersecurity Advisory CSA is part of an...

CVE-2022-37144

The PlexTrac platform prior to API version 1.17.0 does not restrict excessive MFA TOTP submission attempts. An unauthenticated remote attacker in possession of a valid username and password can bruteforce their way past MFA protections to login as the targeted user...

2021 Top Malware Strains

Summary Immediate Actions You Can Take Now to Protect Against Malware: • Patch all systems and prioritize patching known exploited vulnerabilities. • Enforce multifactor authentication MFA. • Secure Remote Desktop Protocol RDP and other risky services. • Make offline backups of your data. • Provi...

Cyber Signals: Defend against the new ransomware landscape

Today, Microsoft is excited to publish our second edition of Cyber Signals, spotlighting security trends and insights gathered from Microsoft’s 43 trillion security signals and 8,500 security experts. In this edition, we pull back the curtain on the evolving cybercrime economy and the rise of...

Cyber Signals: Defend against the new ransomware landscape

Today, Microsoft is excited to publish our second edition of Cyber Signals, spotlighting security trends and insights gathered from Microsoft’s 43 trillion security signals and 8,500 security experts. In this edition, we pull back the curtain on the evolving cybercrime economy and the rise of...

CISA and FBI issue alert about Zeppelin ransomware

The Federal Bureau of Investigation FBI and the Cybersecurity and Infrastructure Security Agency CISA have released a joint Cybersecurity Advisory CSA about Zeppelin ransomware. The advisory contains indicators of compromise IOCs and tactics, techniques, and procedures TTPs associated with...