Microsoft is named a Leader in the 2024 Gartner® Magic Quadrant™ for Security Information and Event Management and positioned based on our Ability to Execute Completeness of vision. The post Microsoft is again named a Leader in the 2024 Gartner®…
Category: Microsoft Security Blog
Microsoft is again named a Leader in the 2024 Gartner® Magic Quadrant™ for Security Information and Event Management
Microsoft is named a Leader in the 2024 Gartner® Magic Quadrant™ for Security Information and Event Management and positioned based on our Ability to Execute Completeness of vision. The post Microsoft is again named a Leader in the 2024 Gartner®…
How implementing a trust fabric strengthens identity and network
The new era of cybersecurity demands a comprehensive, adaptive, real-time approach to securing access. At Microsoft, we call this approach the trust fabric. The post How implementing a trust fabric strengthens identity and network appeared first on Microsoft Security Blog.…
Security above all else—expanding Microsoft’s Secure Future Initiative
Microsoft is expanding the scope of the Secure Future Initiative to adapt to the evolving cyberthreat landscape. Read about the principles and pillars driving this initiative. The post Security above all else—expanding Microsoft’s Secure Future Initiative appeared first on Microsoft…
“Dirty stream” attack: Discovering and mitigating a common vulnerability pattern in Android apps
Microsoft discovered a vulnerability pattern in multiple popular Android applications that could enable a malicious application to overwrite files in the vulnerable application’s internal data storage directory, which could lead to arbitrary code execution and token theft, among other impacts.…
Microsoft introduces passkeys for consumer accounts
The best part about passkeys is that you’ll never need to worry about creating, forgetting, or resetting passwords ever again. Read about Microsoft’s new passkey support for consumer accounts. The post Microsoft introduces passkeys for consumer accounts appeared first on…
New Microsoft Incident Response guide helps simplify cyberthreat investigations
Discover how to fortify your organization’s cybersecurity defense with this practical guide on digital forensics from Microsoft’s Incident Response team. The post New Microsoft Incident Response guide helps simplify cyberthreat investigations appeared first on Microsoft Security Blog. This article has…
5 ways a CNAPP can strengthen your multicloud security environment
CNAPP, or cloud-native application protection platform, can be a powerful tool in your cybersecurity toolkit. Read on for highlights of our guide diving into the topic. The post 5 ways a CNAPP can strengthen your multicloud security environment appeared first…
Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials
Since 2019, Forest Blizzard has used a custom post-compromise tool to exploit a vulnerability in the Windows Print Spooler service that allows elevated permissions. Microsoft has issued a security update addressing this vulnerability as CVE-2022-38028. The post Analyzing Forest Blizzard’s…
Attackers exploiting new critical OpenMetadata vulnerabilities on Kubernetes clusters
Microsoft recently uncovered an attack that exploits new critical vulnerabilities in OpenMetadata to gain access to Kubernetes workloads and leverage them for cryptomining activity. The post Attackers exploiting new critical OpenMetadata vulnerabilities on Kubernetes clusters appeared first on Microsoft Security…