Microsoft

Credit to Author: Microsoft Security Experts and Rani Lofstrom| Date: Mon, 09 Oct 2023 16:00:00 +0000

Read about the latest updates to our Microsoft Security Experts product offerings.

The post Expanded Microsoft Security Experts offerings provide comprehensive protection appeared first on Microsoft Security Blog.

Credit to Author: Microsoft Threat Intelligence| Date: Tue, 03 Oct 2023 16:30:00 +0000

Microsoft security researchers recently identified an attack where attackers attempted to move laterally to a cloud environment through a SQL Server instance. The attackers initially exploited a SQL injection vulnerability in an application within the target’s environment to gain access and elevated permissions to a Microsoft SQL Server instance deployed in an Azure Virtual Machine (VM). The attackers then used the acquired elevated permission to attempt to move laterally to additional cloud resources by abusing the server’s cloud identity.

The post Defending new vectors: Threat actors attempt SQL Server to cloud lateral movement appeared first on Microsoft Security Blog.

Credit to Author: Vasu Jakkal| Date: Mon, 02 Oct 2023 16:00:00 +0000

It’s Cybersecurity Awareness Month! Celebrate security with us and prioritize it year-round. Explore how Microsoft is continuously innovating and creating the #BeCybersmart kit to help you and your organization stay safe online.

The post Celebrate 20 years of Cybersecurity Awareness Month with Microsoft and let’s secure our world together appeared first on Microsoft Security Blog.

Credit to Author: Jessica Afeku| Date: Thu, 28 Sep 2023 16:00:00 +0000

Join Microsoft Security at Microsoft Ignite 2023 for the latest security insights, hands-on skilling, product innovations, in-person networking, and more.

The post Join the new Microsoft Security experience at Microsoft Ignite 2023 appeared first on Microsoft Security Blog.

Credit to Author: Vasu Jakkal| Date: Thu, 21 Sep 2023 15:00:00 +0000

Today, Microsoft announced several major innovations to empower people across work and life and redefine how we live and work with AI.

The post New Microsoft security tools to protect families and businesses appeared first on Microsoft Security Blog.

Credit to Author: Tanmay Ganacharya| Date: Wed, 20 Sep 2023 13:00:00 +0000

​For the fifth consecutive year, Microsoft 365 Defender demonstrated leading extended detection and response (XDR) capabilities in the independent MITRE Engenuity ATT&CK® Evaluations: Enterprise. The attack used during the test highlights the importance of a unified XDR platform and showcases Microsoft 365 Defender as a leading solution, enabled by next-gen protection, industry-first capabilities like automatic attack disruption, and more.

The post Microsoft 365 Defender demonstrates 100 percent protection coverage in the 2023 MITRE Engenuity ATT&CK® Evaluations: Enterprise  appeared first on Microsoft Security Blog.

Credit to Author: Microsoft Threat Intelligence| Date: Thu, 14 Sep 2023 16:30:00 +0000

Since February 2023, Microsoft has observed a high volume of password spray attacks attributed to Peach Sandstorm, an Iranian nation-state group. In a small number of cases, Peach Sandstorm successfully authenticated to an account and used a combination of publicly available and custom tools for persistence, lateral movement, and exfiltration.

The post Peach Sandstorm password spray campaigns enable intelligence collection at high-value targets appeared first on Microsoft Security Blog.