Microsoft – Page 15 – PossibleThreat Articles

Credit to Author: Microsoft Threat Intelligence| Date: Fri, 15 Dec 2023 17:00:00 +0000

Four new unauthenticated remotely exploitable security vulnerabilities discovered in the popular source code management platform Perforce Helix Core Server have been remediated after being responsibly disclosed by Microsoft. Perforce Server customers are strongly urged to update to version 2023.1/2513900.

The post Patching Perforce perforations: Critical RCE vulnerability discovered in Perforce Helix Core Server appeared first on Microsoft Security Blog.

Microsoft Security

Threat actors misuse OAuth applications to automate financially driven attacks

December 14, 2023 0 Comments credential theft, cryptocurrency mining, storm, token theft

Credit to Author: Microsoft Threat Intelligence| Date: Tue, 12 Dec 2023 18:00:00 +0000

Microsoft Threat Intelligence presents cases of threat actors misusing OAuth applications as automation tools in financially motivated attacks.

The post Threat actors misuse OAuth applications to automate financially driven attacks appeared first on Microsoft Security Blog.

Microsoft Security

Strengthening identity protection in the face of highly sophisticated attacks

December 14, 2023 0 Comments

Credit to Author: Alex Weinert| Date: Tue, 12 Dec 2023 17:00:00 +0000

Get the latest information on our engineering advancements and continued commitments to secure identities as part of the Secure Future Initiative.

The post Strengthening identity protection in the face of highly sophisticated attacks appeared first on Microsoft Security Blog.

Microsoft Security

New Microsoft Incident Response team guide shares best practices for security teams and leaders

December 14, 2023 0 Comments

Credit to Author: Microsoft Incident Response| Date: Mon, 11 Dec 2023 17:00:00 +0000

The Microsoft Incident Response team shares a downloadable, interactive, people-centric, guide to effective incident response.

The post New Microsoft Incident Response team guide shares best practices for security teams and leaders appeared first on Microsoft Security Blog.

Microsoft Security

New Microsoft Purview features use AI to help secure and govern all your data

December 10, 2023 0 Comments

Credit to Author: Herain Oberoi| Date: Thu, 07 Dec 2023 17:00:00 +0000

Learn about the new Microsoft Purview features and capabilities announced at Microsoft Ignite 2023.

The post New Microsoft Purview features use AI to help secure and govern all your data appeared first on Microsoft Security Blog.

Microsoft Security

Star Blizzard increases sophistication and evasion in ongoing attacks

December 10, 2023 0 Comments blizzard, credential theft, star blizzard (seaborgium), state-sponsored threat actor

Credit to Author: Microsoft Threat Intelligence| Date: Thu, 07 Dec 2023 12:01:00 +0000

Microsoft Threat Intelligence continues to track and disrupt malicious activity attributed to a Russian state-sponsored actor we track as Star Blizzard, who has improved their detection evasion capabilities since 2022 while remaining focused on email credential theft against targets.

The post Star Blizzard increases sophistication and evasion in ongoing attacks appeared first on Microsoft Security Blog.

Microsoft Security

Microsoft Security Copilot drives new product integrations at Microsoft Ignite to empower security and IT teams

December 10, 2023 0 Comments

Credit to Author: Kathleen Lavallee| Date: Wed, 06 Dec 2023 17:00:00 +0000

Microsoft Security Copilot offers several use cases and embedded experiences—and early access participants are already sharing their perspectives on the solution. Find out for yourself by joining the program.

The post Microsoft Security Copilot drives new product integrations at Microsoft Ignite to empower security and IT teams appeared first on Microsoft Security Blog.

Microsoft Security

Microsoft Incident Response lessons on preventing cloud identity compromise

December 10, 2023 0 Comments

Credit to Author: Microsoft Incident Response| Date: Tue, 05 Dec 2023 17:00:00 +0000

In real-world customer engagements, Microsoft Incident Response (Microsoft IR) sees combinations of issues and misconfigurations that could lead to attacker access to customers’ Microsoft Entra ID tenants. Effective protection of a customer’s Entra ID tenant is less challenging than protecting an Active Directory deployment but does require governance and monitoring. Reducing risk and exposure of your most privileged accounts plays a critical role in preventing or detecting attempts at tenant-wide compromise.

The post Microsoft Incident Response lessons on preventing cloud identity compromise appeared first on Microsoft Security Blog.

Microsoft Security

3 reasons why now is the time to go cloud native for device management

December 10, 2023 0 Comments

Credit to Author: Michael Wallent| Date: Tue, 05 Dec 2023 16:00:00 +0000

Discover these three recent customer stories to better understand the full value of becoming cloud native.

The post 3 reasons why now is the time to go cloud native for device management appeared first on Microsoft Security Blog.

Microsoft Security

Protecting credentials against social engineering: Cyberattack Series

December 10, 2023 0 Comments

Credit to Author: Microsoft Incident Response| Date: Mon, 04 Dec 2023 17:00:00 +0000

Our fourth installation in the Cyberattack Series examines a smishing and social engineering attack and outlines the steps organizations can take to help minimize the risk and prepare for the possibility.

The post Protecting credentials against social engineering: Cyberattack Series appeared first on Microsoft Security Blog.