Lucene search
K
MmpcMost viewed

726 matches found

Microsoft Malware Protection
Microsoft Malware Protection
added 2020/12/21 10:3 p.m.44 views

Advice for incident responders on recovery from systemic identity compromises

As Microsoft alongside our industry partners and the security community continues to investigate the extent of the Solorigate attack, our goal is to provide the latest threat intelligence including IOCs and guidance across our products and solutions to help the community fight back against, harde...

0.4AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2023/09/14 11:30 a.m.43 views

Uncursing the ncurses: Memory corruption vulnerabilities found in library

Microsoft has discovered a set of memory corruption vulnerabilities in a library called ncurses, which provides APIs that support text-based user interfaces TUI. Released in 1993, the ncurses library is commonly used by various programs on Portable Operating System Interface POSIX operating...

4.3CVSS8.2AI score0.55367EPSS
Exploits22
Microsoft Malware Protection
Microsoft Malware Protection
added 2022/07/14 4:0 p.m.43 views

North Korean threat actor targets small and midsize businesses with H0lyGh0st ransomware

A group of actors originating from North Korea that Microsoft Threat Intelligence Center MSTIC tracks as DEV-0530 has been developing and using ransomware in attacks since June 2021. This group, which calls itself H0lyGh0st, utilizes a ransomware payload with the same name for its campaigns and h...

6.8CVSS9.3AI score0.91501EPSS
Exploits4
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/06/03 4:0 p.m.43 views

Afternoon Cyber Tea: Cybersecurity challenged to meet diversity goals

Organizations often know they need to identify and address their cybersecurity blind spots. They also know the technology exists to help them do that. However, they don’t often understand how to communicate this need within their organization to justify the expense, nor do they know how to share...

6.9AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/05/26 4:0 p.m.43 views

Becoming resilient by understanding cybersecurity risks: Part 4—navigating current threats

In part three of this blog series on aligning security with business objectives and risk, we explored what it takes for security leaders to shift from looking at their mission as purely defending against technical attacks, to one that focuses on protecting valuable business assets, data, and...

7.6AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/04/22 4:0 p.m.43 views

Evolving beyond password complexity as an identity strategy

The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest Voice of the Community blog series post, Microsoft Product Marketing Manager Natalia Godyla talks with Troy Hunt, founder of Have I Been Pwned,...

7AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/01/21 7:0 p.m.43 views

Blue Cedar partners with Microsoft to combat BYOD issues

This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA. Bring Your Own Device BYOD has been a divisive topic within corporations for years. Employees wanted the convenience of working on their own smart devices, and business decision-make...

7.3AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2022/03/22 10:2 p.m.42 views

DEV-0537 criminal actor targeting organizations for data exfiltration and destruction

March 24, 2022 update - As Microsoft continues to track DEV-0537’s activities, tactics, and tools, were sharing new detection, hunting, and mitigation information to give you additional insights on remaining vigilant against these attacks. In recent weeks, Microsoft Security teams have been...

0.6AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2022/01/16 2:28 a.m.42 views

Destructive malware targeting Ukrainian organizations

Microsoft Threat Intelligence Center MSTIC has identified evidence of a destructive malware operation targeting multiple organizations in Ukraine. This malware first appeared on victim systems in Ukraine on January 13, 2022. Microsoft is aware of the ongoing geopolitical events in Ukraine and...

7.2AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/04/29 5:0 p.m.42 views

Center for Threat-Informed Defense teams up with Microsoft, partners to build the ATT&CK® for Containers matrix

The MITRE ATT&CK® for Containers matrix was published today, establishing an industry knowledge base of attack techniques associated with containerization and related technologies that are increasingly more ubiquitous in the current computing landscape. Microsoft is happy to have contributed and...

7.7AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/03/02 2:0 p.m.42 views

Securing and governing data in a new hybrid work reality

The past year has led to an evolution in not only how we think about work, but more importantly, where work gets done. Arguably, gone are the days that your organization’s data is limited to the protected confines of your corporate network as your people continue to work remotely, return in some...

0.1AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/02/16 7:0 p.m.42 views

Afternoon Cyber Tea: Evaluating individual and organizational cyber risk in a pandemic

Cybersecurity professionals find themselves in high demand as organizations worldwide continue to grapple with how to secure millions of remote workers. James Turner is an industry analyst at CISO Lens and served as an adjudicator from 2017 to 2019 for the Australian government’s cyber war games:...

7.2AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/01/14 7:0 p.m.42 views

Simplify compliance and manage risk with Microsoft Compliance Manager

The cost of non-compliance is more than twice that of compliance costs. Non-compliance with the ever-increasing and changing regulatory requirements can have a significant impact on your organizations brand, reputation, and revenue. According to a study by the Ponemon Institute and Globalscape,...

0.6AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2017/02/03 12:5 a.m.42 views

Improved scripts in .lnk files now deliver Kovter in addition to Locky

Cybercriminals are using a combination of improved script and well-maintained download sites to attempt installing Locky and Kovter on more computers. A few months ago, we reported an email campaign distributing .lnk files with a malicious script that delivered Locky ransomware. Opening the...

7.4AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2016/10/21 11:22 p.m.42 views

Beware of Hicurdismos: It’s a fake Microsoft Security Essentials installer that can lead to a support call scam

Note: Our Tech support scams FAQ page has the latest info on this type of threat, including scammer tactics, fake error messages, and the latest scammer hotlines. Wouldn’t it be a shame if, in trying to secure your PC, you inadvertently install malware and run the risk of being scammed? We recent...

6.4AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2016/07/14 8:35 p.m.42 views

Reverse engineering DUBNIUM –Stage 2 payload analysis

Recently, we blogged about the basic functionality and features of the DUBNIUM advanced persistent threat APT activity group Stage 1 binary and Adobe Flash exploit used during the December 2015 incident Part 1, Part 2. In this blog, we will go through the overall infection chain structure and the...

7.7AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2016/07/13 10:21 p.m.42 views

Troldesh ransomware influenced by (the) Da Vinci code

We at the MMPC are constantly tracking new and emerging ransomware threats so we can be one step ahead of active campaigns and help protect our users. As part of these efforts, we recently came across a new variant of the Win32/Troldesh ransomware family. Ransomware, like most malware, is...

6.8AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2023/12/07 12:1 p.m.41 views

Star Blizzard increases sophistication and evasion in ongoing attacks

Microsoft Threat Intelligence continues to track and disrupt malicious activity attributed to a Russian state-sponsored actor we track as Star Blizzard formerly SEABORGIUM, also known as COLDRIVER and Callisto Group. Star Blizzard has improved their detection evasion capabilities since 2022 while...

7.2AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2023/07/14 5:0 p.m.41 views

Analysis of Storm-0558 techniques for unauthorized email access

Executive summary On July 11, 2023, Microsoft published two blogs detailing a malicious campaign by a threat actor tracked as Storm-0558 that targeted customer email that weve detected and mitigated: Microsoft Security Response Center and Microsoft on the Issues. As we continue our investigation...

7.4AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2022/10/21 4:0 p.m.41 views

Securing IoT devices against attacks that target critical infrastructure

South Staffordshire PLC, a company that supplies water to over one million customers in the United Kingdom, notified its customers in August of being a target of a criminal cyberattack. This incident highlights the sophisticated threats that critical industries face today. According to South...

10CVSS0.5AI score0.99993EPSS
Exploits7
Microsoft Malware Protection
Microsoft Malware Protection
added 2022/08/24 4:0 p.m.41 views

Looking for the ‘Sliver’ lining: Hunting for emerging command-and-control frameworks

Microsoft has observed the Sliver command-and-control C2 framework now being adopted and integrated in intrusion campaigns by nation-state threat actors, cybercrime groups directly supporting ransomware and extortion, and other threat actors to evade detection. We’ve seen these actors use Sliver...

0.1AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2022/05/27 4:0 p.m.41 views

Android apps with millions of downloads exposed to high-severity vulnerabilities

Microsoft uncovered high-severity vulnerabilities in a mobile framework owned by mce Systems and used by multiple large mobile service providers in pre-installed Android System apps that potentially exposed users to remote albeit complex or local attacks. The vulnerabilities, which affected apps...

7.2AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2022/05/19 4:0 p.m.41 views

Rise in XorDdos: A deeper look at the stealthy DDoS malware targeting Linux devices

In the last six months, we observed a 254% increase in activity from a Linux trojan called XorDdos. First discovered in 2014 by the research group MalwareMustDie, XorDdos was named after its denial-of-service-related activities on Linux endpoints and servers as well as its usage of XOR-based...

7.8AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/01/19 5:0 p.m.41 views

How IT leaders are securing identities with Zero Trust

The past twelve months have been a remarkable time of digital transformation as organizations, and especially digital security teams, adapt to working remotely and shifting business operations. IT leaders everywhere turned to Zero Trust approaches to alleviate the challenges of enabling and...

0.2AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/01/14 5:0 p.m.41 views

Increasing resilience against Solorigate and other sophisticated attacks with Microsoft Defender

­Even as investigations into the sophisticated attack known as Solorigate are still underway, details and insights about the tools, patterns, and methods used by the attackers point to steps that organizations can take to improve their defenses against similar attacks. Solorigate is a cross-domai...

0.2AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2020/11/19 7:0 p.m.41 views

Modernize secure access for your on-premises resources with Zero Trust

Change came quickly in 2020. More likely than not, a big chunk of your workforce has been forced into remote access. And with remote work came an explosion of bring-your-own-device BYOD scenarios, requiring your organization to extend the bounds of your network to include the entire internet and...

7.8AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2017/10/23 1:1 p.m.41 views

Move away from passwords, deploy Windows Hello. Today!

Something we understood from the very beginning with Windows Hello for Business is our customers would approach Windows 10 in a series of phases. The first phase is to simply deploy the platform itself. From there, additional phases would follow to take advantage of optional Windows 10 technologi...

7AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2016/09/13 11:38 p.m.41 views

MSRT September 2016 release feature: Prifou

As part of our ongoing effort to provide better malware protection, the Microsoft Malicious Software Removal Tool MSRT release this September includes detections for: BrowserModifier:Win32/Prifou TrojanClicker:Win32/NightClick Trojan:Win32/Suweezy Trojan:Win32/Xadupi This blog discusses...

6.8AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2023/04/11 4:0 p.m.40 views

DEV-0196: QuaDream’s “KingsPawn” malware used to target civil society in Europe, North America, the Middle East, and Southeast Asia

April 2023 update – Microsoft Threat Intelligence has shifted to a new threat actor naming taxonomy aligned around the theme of weather. DEV-0196 is now tracked as Carmine Tsunami. To learn more about this evolution, how the new taxonomy represents the origin, unique traits, and impact of threat...

6.5AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/09/01 4:0 p.m.40 views

Get free DMARC visibility with Valimail Authenticate and Microsoft Office 365

This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA. Phishing and email spoofing not only erode brand trust but also leave recipients vulnerable to financial loss and serious invasions of privacy. These tactics have been around for...

7.3AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/07/07 4:0 p.m.40 views

Accessibility and usability for all in Azure Sentinel

As a father of a child on the Autism spectrum who relies completely on digital media for his learning, I fully appreciate the impact that digital accessibility can have on people with disabilities. Designing with accessibility in mind greatly expands the impact of Microsoft solutions. What many...

6.9AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/05/19 4:0 p.m.40 views

Forrester names Microsoft a Leader in The Forrester Wave™: Cloud Security Gateways, Q2 2021

I am thrilled to share that Forrester Research has named Microsoft Cloud App Security as a Leader in The Forrester Wave: Cloud Security Gateways, Q2 2021. Additionally, Microsoft received the highest score in the strategy category. People have increasingly used cloud apps to stay productive and...

7.1AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/04/05 6:0 p.m.40 views

Microsoft Defender for Endpoint now supports Windows 10 on Arm devices

Today, we are excited to announce that Microsoft Defender for Endpoint support of Windows 10 on Arm devices is generally available. This expanded support is part of our continued efforts to extend Microsoft Defender for Endpoint capabilities across all the endpoints defenders need to secure. Arm...

0.3AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/02/04 5:0 p.m.40 views

Modernizing your network security strategy

From the global pandemic to recent cyberattacks, our world has faced many challenges during the past 12 months. Some of these challenges we can’t change. However, I’m pleased about the ones we can, and are changing across the cybersecurity landscape. For example, to facilitate remote work and...

1.1AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/01/19 10:30 p.m.40 views

Using Zero Trust principles to protect against sophisticated attacks like Solorigate

The Solorigate supply chain attack has captured the focus of the world over the last month. This attack was simultaneously sophisticated and ordinary. The actor demonstrated sophistication in the breadth of tactics used to penetrate, expand across, and persist in affected infrastructure, but many...

Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2017/10/23 1:0 p.m.40 views

Stopping ransomware where it counts: Protecting your data with Controlled folder access

Windows Defender Exploit Guard is a new set of host intrusion prevention capabilities included with Windows 10 Fall Creators Update. One of its features, Controlled folder access, stops ransomware in its tracks by preventing unauthorized access to your important files. Encryption should protect...

7AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2022/10/27 4:0 p.m.39 views

Raspberry Robin worm part of larger ecosystem facilitating pre-ransomware activity

Microsoft has discovered recent activity indicating that the Raspberry Robin worm is part of a complex and interconnected malware ecosystem, with links to other malware families and alternate infection methods beyond its original USB drive spread. These infections lead to follow-on...

0.2AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2022/09/29 4:0 p.m.39 views

ZINC weaponizing open-source software

In recent months, Microsoft has detected a wide range of social engineering campaigns using weaponized legitimate open-source software by an actor we track as ZINC. Microsoft Threat Intelligence Center MSTIC observed activity targeting employees in organizations across multiple industries includi...

0.3AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/08/17 4:0 p.m.39 views

Microsoft and NIST collaborate on EO to drive Zero Trust adoption

2020s Nobelium attack sent shock waves through both government and private sectors. 2021 has already seen large-scale nation-state attacks such as Hafnium1 alongside major ransomware attacks2 on critical infrastructure. The breadth and boldness of these attacks show that, far from being deterred,...

8.1AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/06/09 4:0 p.m.39 views

CRSP: The emergency team fighting cyber attacks beside customers

What is CRSP? Microsoft Global Compromise Recovery Security Practice. Who is CRSP? We are a worldwide team of cybersecurity experts operating in most countries, across all organizations public and private, with deep expertise to secure an environment post-security breach and to help you prevent a...

0.1AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/05/26 8:0 p.m.39 views

How user experience is shaping verifiable credentials and identity

Since 2017, Microsoft has been working with the identity community on two groundbreaking technologies designed from the ground up to make digital privacy convenient and practical: decentralized identifiers and verifiable credentials. We believe verifiable credentials will revolutionize the way we...

6.3AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/04/05 4:0 p.m.39 views

Protect your business from email phishing with multi-factor authentication

Cybersecurity has been in the news far more often in the past 12 months than in previous years, as cybercriminals escalated their activity during the COVID-19 pandemic quarantine. The seismic shift of hundreds of millions of people connecting and working from home every day presented cybercrimina...

7.5AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/03/02 2:0 p.m.39 views

Microsoft brings advanced hardware security to Server and Edge with Secured-core

A cursory look at recent headlines reveals two clear trends. First, organizations around the world are embracing digital transformation using technologies across cloud and edge computing to better serve their customers and thrive in fast-paced environments. Second, attackers are constantly...

7.1AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/01/28 5:0 p.m.39 views

5 identity priorities for 2021—strengthening security for the hybrid work era and beyond

When I outlined the five identity priorities for 2020, the world was a very different place. Since then, the COVID-19 pandemic has forever changed how organizations run their businesses. It’s also changed the way we work, learn, and collaborate. What hasn’t changed is the critical role identity...

0.1AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/01/27 6:0 p.m.39 views

Protecting multi-cloud environments with Azure Security Center

We’ve heard from many of you that multi-cloud adoption is becoming a standard operating model for your organization and that it’s challenging to have the right security controls and posture across your environment. Historically, security teams have not had effective tools to secure multi-cloud...

8AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2020/12/07 5:0 p.m.39 views

Deliver productive and seamless user experiences with Azure Active Directory

Several months into the COVID-19 pandemic, many of us are still working remotely, and our organizations are still adjusting. Top of mind for every IT leader in this current landscape is meeting users’ needs for seamless access to resources while safeguarding the business from cyber threats. The...

Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2017/10/23 1:4 p.m.39 views

Making Microsoft Edge the most secure browser with Windows Defender Application Guard

Innovation in the attack space is constant as adversaries increase in both determination and sophistication. In response to increased investments in defense, attackers are adapting and improving tactics at breakneck speed. The good news is that defenders are also innovating and disrupting long...

7.5AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2023/12/15 5:0 p.m.38 views

Patching Perforce perforations: Critical RCE vulnerability discovered in Perforce Helix Core Server

Microsoft discovered, responsibly disclosed, and helped remediate four vulnerabilities that could be remotely exploited by unauthenticated attackers in Perforce Helix Core Server “Helix Core Server”, a source code management platform largely used in the videogame industry and by multiple...

7.5CVSS10AI score0.01115EPSS
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2023/03/02 5:0 p.m.38 views

Microsoft is named a Leader in the 2022 Gartner® Magic Quadrant™ for Endpoint Protection Platforms

The state of cybersecurity continues to challenge defenders around the world. With hybrid work here to stay and emerging trends like Ransomware as a Service, organizations need a partner that empowers them with not only modern endpoint security but an integrated solution that helps security...

7.2AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2022/05/25 9:0 p.m.38 views

Detecting and preventing privilege escalation attacks leveraging Kerberos relaying (KrbRelayUp)

On April 24, 2022, a privilege escalation hacking tool, KrbRelayUp, was publicly disclosed on GitHub by security researcher Mor Davidovich. KrbRelayUp is a wrapper that can streamline the use of some features in Rubeus, KrbRelay, SCMUACBypass, PowerMad/SharpMad, Whisker, and ADCSPwn tools in...

1.3AI score
Exploits0
Total number of security vulnerabilities726