Tag: Microsoft Security Blog

Onyx Sleet uses array of malware to gather intelligence for North Korea

2024-07-26 10:07

On July 25, 2024, the United States Department of Justice (DOJ) indicted an individual linked to the North Korean threat actor that Microsoft tracks as Onyx Sleet. Microsoft Threat Intelligence collaborated with the Federal Bureau of Investigation (FBI) in tracking…

Zero Trust in the Age of AI: Join our online event to learn how to strengthen your security posture

2024-07-24 21:07

Register for the “Zero Trust in the Age of AI” webcast to learn more about how our new capabilities in identity and network access and security operations make it easier to implement Zero Trust across your entire environment. The post…

Connect with Microsoft Security at Black Hat USA 2024

2024-07-19 06:07

Join Microsoft Security leaders and other security professionals from around the world at Black Hat USA 2024 to learn the latest information on security in the age of AI, cybersecurity protection, threat intelligence insights, and more. The post Connect with…

Microsoft Purview Data Governance will be generally available September 1, 2024

2024-07-18 21:07

Microsoft Purview Data Governance will become generally available to enterprise customers on September 1, 2024. It helps today’s data leaders solve their key data governance and security challenges in one unified AI-powered and business-friendly solution. The post Microsoft Purview Data…

Microsoft Purview Data Governance will be generally available September 1, 2024

2024-07-17 10:07

Simplified Zero Trust security with the Microsoft Entra Suite and unified security operations platform, now generally available

2024-07-12 09:07

Microsoft is announcing the Microsoft Entra Suite and the unified security operations platform, two innovations that simplify the implementation of your Zero Trust security strategy. The post Simplified Zero Trust security with the Microsoft Entra Suite and unified security operations…

Vulnerabilities in PanelView Plus devices could lead to remote code execution

2024-07-02 19:07

Microsoft discovered and responsibly disclosed two vulnerabilities in Rockwell’s PanelView Plus that could be remotely exploited by unauthenticated attackers, allowing them to perform remote code execution (RCE) and denial-of-service (DoS). PanelView Plus devices are graphic terminals, which are known as…

Working with a cybersecurity committee of the board

2024-06-28 12:06

Learn about the rise of cybersecurity committees and how the CISO and IT security team can work with them to produce the best result for the organization’s IT security and enable digital transformation. The post Working with a cybersecurity committee…

Mitigating Skeleton Key, a new type of generative AI jailbreak technique

2024-06-28 12:06

Microsoft recently discovered a new type of generative AI jailbreak method called Skeleton Key that could impact the implementations of some large and small language models. This new method has the potential to subvert either the built-in model safety or…

How to boost your incident response readiness

2024-06-26 09:06

Discover key steps to bolster incident response readiness, from disaster recovery plans to secure deployments, guided by insights from the Microsoft Incident Response team. The post How to boost your incident response readiness appeared first on Microsoft Security Blog. This…

Microsoft Defender Experts for XDR recognized in the latest MITRE Engenuity ATT&CK® Evaluation for Managed Services

2024-06-19 18:06

Microsoft Defender Experts for XDR delivered excellent results during round 2 of the MITRE Engenuity ATT&CK® Evaluations for Managed Services menuPass + ALPHV BlackCat. The post Microsoft Defender Experts for XDR recognized in the latest MITRE Engenuity ATT&CK® Evaluation for…

Microsoft Incident Response tips for managing a mass password reset

2024-06-13 06:06

When an active incident leaves systems vulnerable, a mass password reset may be the right tool to restore security. This post explores the necessity and risk associated with mass password resets. The post Microsoft Incident Response tips for managing a…

How to achieve cloud-native endpoint management with Microsoft Intune

2024-06-12 17:06

In this post, we’re focusing on what it really takes for organizations to become fully cloud-native in endpoint management—from the strategic leadership to the tactical execution. The post How to achieve cloud-native endpoint management with Microsoft Intune appeared first on…

Microsoft is again named the overall leader in the Forrester Wave for XDR

2024-06-04 15:06

Microsoft has been named a leader in The Forrester Wave™: Extended Detection and Response (XDR) platforms, Q2, 2024, and received the highest scores in both strategy and current offering categories, as well as in the market presence category. The post…

Exposed and vulnerable: Recent attacks highlight critical need to protect internet-exposed OT devices

2024-05-31 22:05

Since late 2023, Microsoft has observed an increase in reports of attacks focusing on internet-exposed, poorly secured operational technology (OT) devices. Internet-exposed OT equipment in water and wastewater systems (WWS) in the US were targeted in multiple attacks over the…

Moonstone Sleet emerges as new North Korean threat actor with new bag of tricks

2024-05-29 18:05

Microsoft has identified a new North Korean threat actor, now tracked as Moonstone Sleet (formerly Storm-1789), that combines many tried-and-true techniques used by other North Korean threat actors, as well as unique attack methodologies to target companies for its financial…

6 insights from Microsoft’s 2024 state of multicloud risk report to evolve your security strategy

2024-05-29 18:05

Discover the top multicloud security risks across DevOps, runtime environments, identity and access, and data in this new report from Microsoft. The post 6 insights from Microsoft’s 2024 state of multicloud risk report to evolve your security strategy appeared first…

Cyber Signals: Inside the growing risk of gift card fraud

2024-05-25 07:05

In the ever-evolving landscape of cyberthreats, staying ahead of malicious actors is a constant challenge. The latest edition of Cyber Signals dives deep into the world of Storm-0539, also known as Atlas Lion, shedding light on their sophisticated methods of…

Threat actors misusing Quick Assist in social engineering attacks leading to ransomware

2024-05-16 11:05

Microsoft Threat Intelligence has observed Storm-1811 misusing the client management tool Quick Assist to target users in social engineering attacks that lead to malware like Qakbot followed by Black Basta ransomware deployment. The post Threat actors misusing Quick Assist in…

1 2 3 4 »


10.4K	8K	100+	500+