Cyber Signals Issue 9 | AI-powered deception: Emerging fraud threats and countermeasures

Introduction | Security snapshot | Threat briefing Defending against attacks | Expert profile Microsoft maintains a continuous effort to protect its platforms and customers from fraud and abuse. From blocking imposters on Microsoft Azure and adding anti-scam features to Microsoft Edge, to fightin...

How Strata Identity and Microsoft Entra ID solve identity challenges in mergers and acquisitions

This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA. Along with every merger and acquisition between two companies comes the need to combine and strengthen their IT infrastructure. In particular, there is an immediate and profound impa...

Patching Perforce perforations: Critical RCE vulnerability discovered in Perforce Helix Core Server

Microsoft discovered, responsibly disclosed, and helped remediate four vulnerabilities that could be remotely exploited by unauthenticated attackers in Perforce Helix Core Server “Perforce Server”, a source code management platform largely used in the videogame industry and by multiple...

Automatic disruption of human-operated attacks through containment of compromised user accounts

Our experience and insights from real-world incidents tell us that the swift containment of compromised user accounts is key to disrupting hands-on-keyboard attacks, especially those that involve human-operated ransomware. In these attacks, lateral movement follows initial access as the next...

Microsoft Defender for Endpoint now stops human-operated attacks on its own

Defenders need every edge they can get in the fight against ransomware. Today, were pleased to announce that Microsoft Defender for Endpoint customers will now be able automatically to disrupt human-operated attacks like ransomware early in the kill chain without needing to deploy any other...

Expanded Microsoft Security Experts offerings provide comprehensive protection

Since we first introduced Microsoft Security Experts in May 2022, we’ve worked hard to expand our new security services category. In the past 16 months, we’ve launched new services, expanded our capabilities, and introduced new ways to buy. Our customers face an unprecedented number of security...

How to build stronger security teams

The security community is continuously changing, growing, and learning from each other to better position the world against cyberthreats. In the latest post of our Community Voices blog series, Microsoft Security Senior Product Marketing Manager Brooke Lynn Weenig talks with Truesec Chief Chaos...

Latest Microsoft Entra advancements strengthen identity security

If you read behind the attention-grabbing headlines, most novel techniques rely on compromised identities.1 In fact, of all the ways an attacker can get into your digital estate, identity compromise is still the most common.2 This makes identity your first line of defense. In many organizations,...

​​Microsoft Entra: 5 identity priorities for 2023

Welcome to 2023. After the pandemic upended how we work, learn, play, and manage our lives, we find ourselves more connected than ever, with more convenient access to an ever-wider range of online tools and experiences. But as our global digital footprint continues to grow, so does the risk of...

Microsoft contributes S2C2F to OpenSSF to improve supply chain security

On August 4, 2022, Microsoft publicly shared a framework.pdf that it has been using to secure its own development practices since 2019, the Secure Supply Chain Consumption Framework S2C2F, previously the Open Source Software-Supply Chain Security OSS-SSC Framework. As a massive consumer of and...

How one product manager builds community at Microsoft Security

I first met Joey Cruz not long after he joined the Microsoft Identity and Network Access IDNA team when he helped create demos for a keynote speech I was delivering. Joey has a way of making you feel that even if something goes sideways, it will all be okay because he will make sure it is. As...

Implementing a Zero Trust strategy after compromise recovery

What changes after compromise recovery? After a successful compromise recovery effort, you are back in control. Likely, you gave your team a round of applause and took a sigh of relief. Now what? Is everything going back to as it was in the past? Absolutely not! A compromise recovery engagement i...

Microsoft Security highlights from Black Hat USA 2022

Black Hat USA 2022 marked the twenty-fifth year that security researchers, security architects, and other security professionals have gathered to share the latest research, developments, and trends. Microsoft was among the companies participating in the conference, which was from August 6 to 11,...

How one Microsoft product manager acts as champion for identity security

A technology career embodies the ancient Roman saying that “luck happens when preparation meets opportunity.” Few industries are as dynamic, fast-paced, or intense as technology. With so many challenges to solve, opportunities are everywhere, but as I’ve learned myself through the years, the best...

Discover 5 lessons Microsoft has learned about compliance management

Compliance management is a complex process—one that gets increasingly more complicated the larger an organization grows. Microsoft knows this firsthand, not only because of our experience providing Security and Compliance solutions to customers but also because of the global reach and...

Microsoft at RSA 2022: Envisioning the future of security

Like most of you, I was glad to see the 2022 RSA Conference return to its in-person roots after a two-year digital hiatus. This year’s event was a great success, drawing 26,000 attendees to three days of cutting-edge security sessions, tutorials, seminars, and special events at Moscone Center in...

4 breakthrough ideas for compliance and data security

Compliance management will never be easy, but there are ways to make it simpler and more transparent. Every year, organizations confront a growing volume and diversity of data and ever-evolving industry and government regulations. But the answer to more data, more devices, and more regulations...

Announcing 2022 Microsoft Security Excellence Awards winners

Spirits soared at the Microsoft Security Excellence Awards on June 5, 2022. And is it any wonder? The celebration marked the first time that Microsoft executives and Microsoft Intelligent Security Association MISA members had gathered in person in more than two years so it was a special night for...

3 steps to secure your multicloud and hybrid infrastructure with Azure Arc

As businesses around the world grapple with the growth of an industrialized, organized attacker ecosystem, the need for customers to secure multicloud and hybrid infrastructure and workloads is increasingly urgent. Today, organizations face an attacker ecosystem that is highly economically...

What Generation Z can teach us about cybersecurity

Girl Security National Security Fellows Program fellow Amulya, a 17-year-old interested in countering online disinformation, said she feels her sense of personal privacy has been largely nonexistent “growing up in a media-saturated world.” She believes her sense of privacy was stolen by a...

HTML smuggling surges: Highly evasive loader technique increasingly used in banking malware, targeted attacks

HTML smuggling, a highly evasive malware delivery technique that leverages legitimate HTML5 and JavaScript features, is increasingly used in email campaigns that deploy banking malware, remote access Trojans RATs, and other payloads related to targeted attacks. Notably, this technique was observe...

3 trends shaping identity as the center of modern security

I recently returned from Kenya, where I visited our Microsoft Nairobi development center. Like many of you, I’ve mostly worked from home for the past year and more, so it was refreshing to meet members of our global team and inspiring to feel their passion for our mission: delivering identity...

Strategies, tools, and frameworks for building an effective threat intelligence team

How to think about building a threat intelligence program The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest Voice of the Community blog series post, Microsoft Product Marketing Manager Natalia...

Improve your threat detection and response with Microsoft and Wortell

This blog post is part of the Microsoft Intelligent Security Association MISA guest blog series. Learn more about MISA. The way of working is changing rapidly. Many workloads are moving to the cloud and the pandemic accelerated organizations to provide infrastructure to aid employees working from...

How companies are securing devices with Zero Trust practices

Organizations are seeing a substantial increase in the diversity of devices accessing their networks. With employees using personal devices and accessing corporate resources from new locations in record numbers, IT leaders are seeing an increase in their attack surface area. They’re turning to Ze...

Recommendations for deploying the latest Attack surface reduction rules for maximum impact

The keystone to good security hygiene is limiting your attack surface. Attack surface reduction is a technique to remove or constrain exploitable behaviors in your systems. In this blog, we discuss the two attack surface reduction rules introduced in the most recent release of Windows and cover...

Building a world without passwords

Nobody likes passwords. They are inconvenient, insecure, and expensive. In fact, we dislike them so much that weve been busy at work trying to create a world without them a world without passwords. In this blog, we will provide a brief insight into how we at Microsoft think about solving this...

First things first: Envisioning your security deployment

This blog post is part of a series that responds to common questions we receive from customers about deployment of Microsoft 365 Security solutions. In this series youll find context, answers, and guidance for deployment and driving adoption within your organization. Check out our last blog...

Cyber resilience for the modern enterprise

Many organizations are undergoing a digital transformation that leverages a mix of cloud and on-premises assets to increase business efficiency and growth. While increased dependence on technology is necessary for this transformation, and to position the business for success, it does pose risks...

Developing an effective cyber strategy

The word strategy has its origins in the Roman Empire and was used to describe the leading of troops in battle. From a military perspective, strategy is a top-level plan designed to achieve one or more high-order goals. A clear strategy is especially important in times of uncertainty as it provid...

A worthy upgrade: Next-gen security on Windows 10 proves resilient against ransomware outbreaks in 2017

Adopting reliable attack methods and techniques borrowed from more evolved threat types, ransomware attained new levels of reach and damage in 2017. The following trends characterize the ransomware narrative in the past year: Three global outbreaks showed the force of ransomware in making...

How public-private partnerships can combat cyber adversaries

For several years now, policymakers and practitioners from governments, CERTs, and the security industry have been speaking about the importance of public-private partnerships as an essential part of combating cyber threats. It is impossible to attend a security conference without a keynote...

How to deploy AI safely

In this blog you will hear directly from Corporate Vice President and Deputy Chief Information Security Officer CISO for AI, Yonatan Zunger, about how to build a plan to deploy AI safely. This blog is part of a new ongoing series where our Deputy CISOs share their thoughts on what is most importa...

Moonstone Sleet emerges as new North Korean threat actor with new bag of tricks

Microsoft has identified a new North Korean threat actor, now tracked as Moonstone Sleet formerly Storm-1789, that uses both a combination of many tried-and-true techniques used by other North Korean threat actors and unique attack methodologies to target companies for its financial and...

Starting your journey to become quantum-safe

There’s no doubt we are living through a time of rapid technological change. Advances in ubiquitous computing and ambient intelligence transform nearly every aspect of work and life. As the world moves forward with new advancements and distributed technologies, so too does the need to understand...

Public preview: Improve Win32 app security via app isolation

The post Public preview: Improve Win32 app security via app isolation appeared first on Microsoft Security Blog...

Join our digital event to learn what’s new in Microsoft Entra

Editors note 6/15/2023: This blog has been updated to reflect the new date for this event, which is now July 11, 2023. It was previously scheduled for June 20, 2023. In today’s interconnected world, there’s virtually no limit to what technology can help us achieve. Millions of connections happen...

DEV-1101 enables high-volume AiTM campaigns with open-source phishing kit

Adversary-in-the-middle AiTM phishing kits are part of an increasing trend that is observed supplanting many other less advanced forms of phishing. AiTM phishing is capable of circumventing multifactor authentication MFA through reverse-proxy functionality. DEV-1101 is an actor tracked by Microso...

How to build a secure foundation for identity and access

The security community is continuously changing, growing, and learning from each other to better position the world against cyberthreats. In the latest post of our Community Voices blog series, Microsoft Security Senior Product Marketing Manager Brooke Lynn Weenig talks with Christina Richmond, a...

The door is open for anyone to become a cyber defender

Throughout Cybersecurity Awareness Month, Microsoft has highlighted the importance of cybersecurity and provided resources to help people and organizations stay safe. It’s great to have this month as a reminder, and even better if that awareness becomes a year-round endeavor. Education is really...

Secure your endpoints with Transparity and Microsoft

This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA. Endpoint protection platforms EPPs are dead and no longer sufficient to protect your organization, right? Wrong. When it comes to cybersecurity, the ability to normalize and correlat...

Do more with less—Discover the latest Microsoft Entra innovations

It has certainly been another intense year. From the ongoing pandemic to the Great Reshuffle to economic uncertainty, it’s truly felt like the only constant is change.1 In this economy, many organizations are looking for efficiencies. This is putting pressure on security teams, along with everyon...

ZINC weaponizing open-source software

In recent months, Microsoft has detected a wide range of social engineering campaigns using weaponized legitimate open-source software by an actor we track as ZINC. Microsoft Threat Intelligence Center MSTIC observed activity targeting employees in organizations across multiple industries includi...

Microsoft recognized as a Leader in the 2022 Gartner® Magic Quadrant™ for Unified Endpoint Management Tools

This month, Microsoft has been recognized by Gartner® as a Leader in the 2022 Magic Quadrant for Unified Endpoint Management UEM Tools. This blog post outlines the “so what” for IT leaders, and why we believe this Gartner analysis deserves your focus right now. As you see in the Magic Quadrant in...

Cyber Signals: Defend against the new ransomware landscape

Today, Microsoft is excited to publish our second edition of Cyber Signals, spotlighting security trends and insights gathered from Microsoft’s 43 trillion security signals and 8,500 security experts. In this edition, we pull back the curtain on the evolving cybercrime economy and the rise of...

Connect with Microsoft Security experts at the 2022 Gartner Identity & Access Management Summit

The transition to a remote and hybrid workforce happened fast during a time of uncertainty, and IT professionals rose to the challenge with ingenuity and dedication. But two years in, many IT teams are still responding with patchwork solutions to enforce identity and access management IAM across ...

Using Python to unearth a goldmine of threat intelligence from leaked chat logs

Dealing with a great amount of data can be time consuming, thus using Python can be very powerful to help analysts sort information and extract the most relevant data for their investigation. The open-source tools library, MSTICPy, for example, is a Python tool dedicated to threat intelligence. I...

Secure access for a connected world—meet Microsoft Entra

What could the world achieve if we had trust in every digital experience and interaction? This question has inspired us to think differently about identity and access, and today, we’re announcing our expanded vision for how we will help provide secure access for our connected world. Microsoft Ent...

Streamlining employee onboarding: Microsoft’s response to the Great Reshuffle

In 2021, workers everywhere reevaluated their professional and personal choices, leading to what became known as the Great Resignation. In 2022, a new trend that many are calling the Great Reshuffle has emerged, with 43 percent of the workforce saying they’re very likely to consider changing jobs...

Building a safer world together with our partners—introducing Microsoft Security Experts

More threats—not enough defenders The security landscape has become increasingly challenging and complex for our customers. Threats have grown at an alarming rate over the last year, and cybercrime is now expected to cost the world USD10.5 trillion annually by 2025, up from USD3 trillion a decade...