1512 matches found
Cybersecurity health and how to stay ahead of attackers with Linda Grasso
The security community is continuously changing, growing, and learning from each other to better position the world against cyberthreats. In the latest post of our Community Voices blog series, Microsoft Security Senior Product Marketing Manager Brooke Lynn Weenig talks with Linda Grasso, the...
Microsoft shifts to a comprehensive SaaS security solution
Software as a service SaaS apps are ubiquitous, hybrid work is the new normal, and protecting them and the important data they store is a big challenge for organizations. Today, 59 percent of security professionals find the SaaS sprawl challenging to manage1 and have identified cloud...
Addressing cybersecurity at the board level with Difenda and Microsoft
This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA. Cybersecurity is no longer simply a lone silo or regulatory process; it is a business issue that affects every aspect of an organization. From financial losses to reputational damage...
Learn what an AI-driven future means for cybersecurity at Microsoft Secure
Maintaining security across today’s vast digital ecosystem is a team effort. AI and machine learning have helped to detect threats quickly and respond effectively. Yet we all know that the best defense still requires human wisdom and experience. From a frontline security operations admin to the...
Solving one of NOBELIUM’s most novel attacks: Cyberattack Series
Our story begins with eight Microsoft Detection and Response Team DART analysts gathered around a customer’s conference room to solve a cybersecurity mystery. Joined by members of the customer’s cybersecurity team, they were there to figure out how a Russia-based nation-state hacking group known ...
Introducing Adaptive Protection in Microsoft Purview—People-centric data protection for a multiplatform world
At Microsoft, we never stop working to protect you and your data. If the evolving cyberattacks over the past three years have taught us anything, it’s that threat actors are both cunning and committed. At every level of your enterprise, attackers never stop looking for a way in. The massive...
Mitigate risk by integrating threat modeling and DevOps processes
Agile and DevOps are without any doubt two of the biggest security trends of recent years. The rapid rise of the cloud has only fueled the need for flexibility and dynamicity. Therefore, it’s natural for developers and organizations to seek methodologies and tools for addressing new requirements...
2023 identity security trends and solutions from Microsoft
Welcome to 2023! I wanted to kick this year off by having a quick look at the trends in identity security, what you can do about it, and what Microsoft is doing to help you. One of the things we talk about on the team is “shiny object syndrome”—there are a ton of innovative and scary attacks and...
Introducing kernel sanitizers on Microsoft platforms
As part of Microsoft’s commitment to continuously raise security baselines, we have been introducing innovations to the foundation of the chip-to-cloud security outlined in the Windows 11 Security Book. Strong foundational security enables us to build defenses from the ground up and develop...
Microsoft Security reaches another milestone—Comprehensive, customer-centric solutions drive results
Yesterday, we shared some exciting news about the momentum we’re seeing in the security industry. Microsoft Chief Executive Officer Satya Nadella announced that Microsoft Security has surpassed USD20 billion in revenue. I’m grateful to all our customers and partners who have been on this journey...
Microsoft Security innovations from 2022 to help you create a safer world today
The start of a new year is always a great time for reflection—to be grateful for all we have and the progress security teams have made as well as look ahead to how we can reshape the security landscape. I use this time to think about goals for the future, and to reflect on the highlights,...
Digital event highlights new features in Microsoft Purview
Keeping your company and customer data secure has never been more complex. With multiple clouds, legacy on-premises systems, and numerous devices, it can be hard to keep track of what data you have and where it lives. On top of that, ever-changing employee roles make managing who has access to wh...
Secure your business like you secure your home: 5 steps to protect against cybercrime
Running a business requires a lot of determination and sometimes a leap of faith. Every day brings a new challenge, and many times it can feel like the stress and uncertainty are too much. That’s when you remind yourself why you took the leap—the satisfaction of realizing your own vision—and you...
Microsoft Entra: 5 identity priorities for 2023
Welcome to 2023. After the pandemic upended how we work, learn, play, and manage our lives, we find ourselves more connected than ever, with more convenient access to an ever-wider range of online tools and experiences. But as our global digital footprint continues to grow, so does the risk of...
Unraveling the techniques of Mac ransomware
Ransomware continues to be one of the most prevalent and impactful threats affecting organizations, with attackers constantly evolving their techniques and expanding their tradecraft to cast a wider net of potential targets. This is evident in the range of industries, systems, and platforms...
Microsoft research uncovers new Zerobot capabilities
Botnet malware operations are a constantly evolving threat to devices and networks. Threat actors target Internet of Things IoT devices for recruitment into malicious operations as IoT devices’ configurations often leave them exposed, and the number of internet-connected devices continue to grow...
Microsoft Intune: 5 endpoint management predictions for 2023
The end of the year typically brings with it a small library of reports with predictions for the year ahead. The value in these reports is less in the precise predictions themselves—given how interconnected the world is, no one has a perfect crystal ball. Rather, the forecasts help frame the...
Gatekeeper’s Achilles heel: Unearthing a macOS vulnerability
On July 27, 2022, Microsoft discovered a vulnerability in macOS that can allow attackers to bypass application execution restrictions imposed by Apple’s Gatekeeper security mechanism, designed to ensure only trusted apps run on Mac devices. We developed a proof-of-concept exploit to demonstrate t...
How to build a secure foundation for identity and access
The security community is continuously changing, growing, and learning from each other to better position the world against cyberthreats. In the latest post of our Community Voices blog series, Microsoft Security Senior Product Marketing Manager Brooke Lynn Weenig talks with Christina Richmond, a...
Forrester names Microsoft a Leader in Q4 2022 Security Analytics Platforms Wave report
We’re excited to announce that Microsoft is named a Leader in The Forrester Wave: Security Analytics Platforms, Q4 2022. Microsoft achieved the highest possible score in 17 different criteria, including partner ecosystem, innovation roadmap, product security, case management, and architecture. Wi...
MCCrash: Cross-platform DDoS botnet targets private Minecraft servers
Malware operations continue to rapidly evolve as threat actors add new capabilities to existing botnets, increasingly targeting and recruiting new types of devices. Attackers update malware to target additional operating systems, ranging from PCs to IoT devices, growing their infrastructure...
Do more with less with Microsoft Security—3 strategies to get you started
Relentless bad actors, evolving attack tactics, and numerous surfaces and endpoints that attackers may try to exploit. With the average cost of a data breach reaching an all-time high of USD4.35 million in 2022,1 protecting your people and data from adversaries is more important than ever. Plus,...
Cyber Signals: Risks to critical infrastructure on the rise
Today, the third edition of Cyber Signals was released spotlighting security trends and insights gathered from Microsoft’s 43 trillion daily security signals and 8,500 security experts. In this edition, we share new insights on wider risks that converging IT, Internet of Things IoT, and operation...
4 things to look for in a multicloud data protection solution
What does it mean to be a multicloud organization? As the name implies, the term describes a model of cloud computing where an organization uses multiple clouds—two or more public clouds, private clouds, or a combination of public, private, and edge clouds—to distribute applications and services...
IIS modules: The evolution of web shells and how to detect them
Web exploitation and web shells are some of the most common entry points in the current threat landscape. Web servers provide an external avenue directly into your corporate network, which often results in web servers being an initial intrusion vector or mechanism of persistence. Monitoring for...
Mitigate threats with the new threat matrix for Kubernetes
Today, we are glad to release the third version of the threat matrix for Kubernetes, an evolving knowledge base for security threats that target Kubernetes clusters. The matrix, first released by Microsoft in 2020, was the first attempt to systematically cover the attack landscape of Kubernetes...
DEV-0139 launches targeted attacks against the cryptocurrency industry
Over the past several years, the cryptocurrency market has considerably expanded, gaining the interest of investors and threat actors. Cryptocurrency itself has been used by cybercriminals for their operations, notably for ransom payment in ransomware attacks, but we have also observed threat...
Implementing Zero Trust access to business data on BYOD with Trustd MTD and Microsoft Entra
This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA. As more employees work remotely on a variety of devices and networks, businesses need a security model that supports this new operational efficiency. An expanding perimeter poses...
Microsoft supports the DoD’s Zero Trust strategy
The Department of Defense DoD released its formal Zero Trust strategy today, marking a major milestone in its goal of achieving enterprise-wide implementation by 2027. The strategy comes at a critical time as United States government networks continue to face nearly half the global nation-state...
Join us at InfoSec Jupyterthon 2022
Notebooks are gaining popularity in InfoSec. Used interactively for investigations and hunting or as scheduled processing jobs, notebooks offer plenty of advantages over traditional security operations center SOC tools. Sitting somewhere between scripting/macros and a full-blown development...
Vulnerable SDK components lead to supply chain risks in IoT and OT environments
December 8, 2022 update - Reflected additional research on Boa-related CVEs and updated supply chain diagram. Vulnerabilities in network components, architecture files, and developer tools have become increasingly popular attack vectors to gain access into secure networks and devices. External...
DEV-0569 finds new ways to deliver Royal ransomware, various payloads
Recent activity from the threat actor that Microsoft tracks as DEV-0569, known to distribute various payloads, has led to the deployment of the Royal ransomware, which first emerged in September 2022 and is being distributed by multiple threat actors. Observed DEV-0569 attacks show a pattern of...
Microsoft contributes S2C2F to OpenSSF to improve supply chain security
On August 4, 2022, Microsoft publicly shared a framework.pdf that it has been using to secure its own development practices since 2019, the Secure Supply Chain Consumption Framework S2C2F, previously the Open Source Software-Supply Chain Security OSS-SSC Framework. As a massive consumer of and...
Token tactics: How to prevent, detect, and respond to cloud token theft
As organizations increase their coverage of multifactor authentication MFA, threat actors have begun to move to more sophisticated techniques to allow them to compromise corporate resources without needing to satisfy MFA. Recently, the Microsoft Detection and Response Team DART has seen an increa...
2022 holiday DDoS protection guide
The holiday season is an exciting time for many people as they get to relax, connect with friends and family, and celebrate traditions. Organizations also have much to rejoice about during the holidays for example, more sales for retailers and more players for gaming companies. Unfortunately, cyb...
Microsoft threat intelligence presented at CyberWarCon 2022
At CyberWarCon 2022, Microsoft and LinkedIn analysts presented several sessions detailing analysis across multiple sets of actors and related activity. This blog is intended to summarize the content of the research covered in these presentations and demonstrates Microsoft Threat Intelligence...
Simplify privacy protection with Microsoft Priva Subject Rights Requests
The General Data Protection Regulation GDPR came into effect in 2018 and set a new standard for the level of control individuals in the European Union had on the personal data they shared online. Since then, the number of privacy regulations around the world has flourished and impacted the privac...
Microsoft Defender Experts for Hunting demonstrates industry-leading protection in the 2022 MITRE Engenuity ATT&CK® Evaluations for Managed Services
Microsoft Defender Experts for Hunting, our newest managed threat hunting service, delivered industry-leading results during the inaugural MITRE Engenuity ATT&CK® Evaluations for Managed Services. We provided a seamless, comprehensive, and rapid response to the simulated attack using expert-led...
Microsoft named a Leader in 2022 Gartner® Magic Quadrant™ for Access Management for the 6th year
We are honored to announce that Microsoft has been named a Leader in the 2022 Gartner® Magic QuadrantTM for Access Management for Microsoft Azure Active Directory Azure AD, part of Microsoft Entra. We thank our customers who guide our strategy and product innovation, engage with us deeply in...
Identifying cyberthreats quickly with proactive security testing
The security community is continuously changing, growing, and learning from each other to better position the world against cyberthreats. In the latest post of our Community Voices blog series, Microsoft Security Senior Product Marketing Manager Brooke Lynn Weenig talks with Matthew Hickey,...
Stopping C2 communications in human-operated ransomware through network protection
Command-and-control C2 servers are an essential part of ransomware, commodity, and nation-state attacks. They are used to control infected devices and perform malicious activities like downloading and launching payloads, controlling botnets, or commanding post-exploitation penetration frameworks ...
Microsoft Security tips for mitigating risk in mergers and acquisitions
Sixty-two percent of organizations that undertake mergers and acquisitions face significant cybersecurity risks or consider cyber risks their biggest concern post-acquisition.1 Threat actors that focus on corporate espionage often target the acquiring company, which we will refer to as the Parent...
The door is open for anyone to become a cyber defender
Throughout Cybersecurity Awareness Month, Microsoft has highlighted the importance of cybersecurity and provided resources to help people and organizations stay safe. It’s great to have this month as a reminder, and even better if that awareness becomes a year-round endeavor. Education is really...
Raspberry Robin worm part of larger ecosystem facilitating pre-ransomware activity
Microsoft has discovered recent activity indicating that the Raspberry Robin worm is part of a complex and interconnected malware ecosystem, with links to other malware families and alternate infection methods beyond its original USB drive spread. These infections lead to follow-on...
Discover Microsoft Security solutions for SLTT government grant readiness
As part of the Bipartisan Infrastructure Law, also known as the Infrastructure Investment and Jobs Act of 2021, the United States federal government announced a cybersecurity grant program for state, local, territorial, and tribal SLTT governments to fund allocation of USD1 billion over the next...
How to prevent lateral movement attacks using Microsoft 365 Defender
It’s been 10 years since the first version of the Mitigating Pass-the-Hash Attacks and Other Credential Theft whitepaper was made available, but the techniques are still relevant today, because they help prevent attackers from gaining a network foothold and using credential-dumping tools to extra...
How businesses are gaining integrated data protection with Microsoft Purview
Currently, our interconnected world is creating 2.5 quintillion bytes of data every day.1 Every purchase made, every email sent, every contract signed: all of it gets shared, accessed, and stored. We take it on faith that organizations are doing all this safely; however, data loss is becoming a...
DEV-0832 (Vice Society) opportunistic ransomware campaigns impacting US education sector
In recent months, Microsoft has detected active ransomware and extortion campaigns impacting the global education sector, particularly in the US, by a threat actor we track as DEV-0832, also known as Vice Society. Shifting ransomware payloads over time from BlackCat, QuantumLocker, and Zeppelin,...
Secure your endpoints with Transparity and Microsoft
This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA. Endpoint protection platforms EPPs are dead and no longer sufficient to protect your organization, right? Wrong. When it comes to cybersecurity, the ability to normalize and correlat...
Securing IoT devices against attacks that target critical infrastructure
South Staffordshire PLC, a company that supplies water to over one million customers in the United Kingdom, notified its customers in August of being a target of a criminal cyberattack. This incident highlights the sophisticated threats that critical industries face today. According to South...