Explore Microsoft’s AI innovations at RSA Conference 2024
Will you be at the RSA Conference? Join us for Microsoft Pre-Day, sessions, and other events for insights on leading in AI. Keep reading for what to expect at the event.
Microsoft publishes new report on holistic insider risk management
The risk landscape for organizations has changed significantly in the past few years. Traditional ways of identifying and mitigating risks simply don’t work. Historically, organizations have focused on external threats; however, risks from within the organization can be just as prevalent and harmful. This new Microsoft-commissioned report lays out several new insights about how organizations go from a fragmented approach to insider risk management to a holistic one.
Detecting and preventing LSASS credential dumping attacks
LSASS credential dumping is becoming prevalent, especially with the rise of human-operated ransomware. In May 2022, Microsoft participated in an evaluation conducted by AV-Comparatives specifically on detecting and blocking this attack technique and we’re happy to report that Microsoft Defender for Endpoint achieved 100% detection and prevention scores.
Cybersecurity awareness tips from Microsoft to empower your team to #BeCyberSmart
Cybersecurity Awareness Month is here. Get the #BeCybersmart education kit and learn how you can help your employees become cyber defenders.
Analyzing attacks using the Exchange vulnerabilities CVE-2022-41040 and CVE-2022-41082
MSTIC observed activity related to a single activity group in August 2022 that achieved initial access and compromised Exchange servers by chaining CVE-2022-41040 and CVE-2022-41082 in a small number of targeted attacks.
Prevent threats with Microsoft Defender
The Microsoft Defender family offers comprehensive threat prevention, detection, and response capabilities for everyone—from individuals looking to protect their family to the world’s largest enterprises.
How one product manager builds community at Microsoft Security
In this interview, Principal Product Manager Joey Cruz explains how his military experience inspires his work protecting customers in identity and access management at Microsoft.
CSO perspective: Why a strong IAM strategy is key to an organization’s cybersecurity approach
Mastercard Deputy Chief Security Officer Alissa “Dr. Jay” Abdullah, Ph.D., shares insights on why identity and access management is necessary and strategies for securing identities.
ZINC weaponizing open-source software
In recent months, Microsoft detected weaponization of legitimate open-source software by an actor the Microsoft Threat Intelligence Center (MSTIC) tracks as ZINC, targeting employees at media, defense and aerospace, and IT service provider organizations in the US, UK, India, and Russia.
Malicious OAuth applications abuse cloud email services to spread spam
Microsoft discovered an attack where attackers installed a malicious OAuth application in compromised tenants and used their Exchange Online service to launch spam runs.
Simplify endpoint management with Microsoft Intune
Microsoft Intune is a cloud-based unified endpoint management platform that empowers IT to manage, assess, and protect apps and devices.
Rewards plus: Fake mobile banking rewards apps lure users to install info-stealing RAT on Android devices
A fake mobile banking rewards app delivered through a link in an SMS campaign has been making the rounds, targeting customers of Indian banking institutions. Users who install the mobile app are unknowingly installing an Android malware with remote access trojan (RAT) capabilities.
The art and science behind Microsoft threat hunting: Part 2
In this follow-up post in our series about threat hunting, we talk about some general hunting strategies, frameworks, tools, and how Microsoft incident responders work with threat intelligence.