Microsoft

Credit to Author: Microsoft Incident Response| Date: Mon, 10 Feb 2025 17:00:00 +0000

Find out how a cyberattack by Storm-2077 was halted faster because the Microsoft Incident Response team is both proactive and reactive at the same time.

The post Build a stronger security strategy with proactive and reactive incident response: Cyberattack Series appeared first on Microsoft Security Blog.

Credit to Author: Microsoft Threat Intelligence| Date: Thu, 06 Feb 2025 18:00:00 +0000

Microsoft Threat Intelligence observed limited activity by an unattributed threat actor using a publicly available, static ASP.NET machine key to inject malicious code and deliver the Godzilla post-exploitation framework. In the course of investigating, remediating, and building protections against this activity, we observed an insecure practice whereby developers have incorporated various publicly disclosed ASP.NET machine keys from publicly accessible resources, such as code documentation and repositories, which threat actors have used to launch ViewState code injection attacks and perform malicious actions on target servers.

The post Code injection attacks using publicly disclosed ASP.NET machine keys appeared first on Microsoft Security Blog.

Credit to Author: Benjamin Lim| Date: Mon, 03 Feb 2025 17:00:00 +0000

Security events offer a valuable opportunity to learn about the latest trends and solutions, evolve your skills for cyberthreats, and meet like-minded security professionals. See where you can meet Microsoft Security in 2025.

The post Hear from Microsoft Security experts at these top cybersecurity events in 2025 appeared first on Microsoft Security Blog.

Credit to Author: Joy Chik| Date: Tue, 28 Jan 2025 17:00:00 +0000

Adopting proactive defensive measures is the only way to get ahead of determined efforts to compromise identities and gain access to your environment.

The post 3 priorities for adopting proactive identity and access security in 2025 appeared first on Microsoft Security Blog.

Credit to Author: Steve Vandenberg| Date: Mon, 27 Jan 2025 17:00:00 +0000

Read how Microsoft Purview can secure and govern generative AI quickly, with minimal user impact, deployment resources, and change management.

The post Fast-track generative AI security with Microsoft Purview appeared first on Microsoft Security Blog.

Credit to Author: Natasha Crampton| Date: Wed, 15 Jan 2025 14:10:00 +0000

As our Microsoft AI Tour reached Brussels, Paris, and Berlin recently, we met with European organizations that were energized by the possibilities of our latest AI technologies and engaged in deployment projects. They were also alert to the fact that 2025 is the year that key obligations under the European Union’s AI Act come into effect, opening a new chapter in digital regulation as the world’s first, comprehensive AI law becomes a reality.

The post Innovating in line with the European Union’s AI Act  appeared first on Microsoft Security Blog.

Credit to Author: Blake Bullwinkel and Ram Shankar Siva Kumar| Date: Mon, 13 Jan 2025 16:00:00 +0000

Since 2018, Microsoft’s AI Red Team has probed generative AI products for critical safety and security vulnerabilities. Read our latest blog for three lessons we’ve learned along the way.

The post 3 takeaways from red teaming 100 generative AI products appeared first on Microsoft Security Blog.

Credit to Author: Microsoft Security Experts| Date: Mon, 06 Jan 2025 17:00:00 +0000

Microsoft Defender Experts for XDR is a mature and proven service that triages, investigates, and responds to incidents and hunts for threats on a customer’s behalf around the clock. Learn more about why organizations across major industries rely on it.

The post Why security teams rely on Microsoft Defender Experts for XDR for managed detection and response appeared first on Microsoft Security Blog.