Credit to Author: Christine Barrett| Date: Thu, 18 Aug 2022 16:00:00 +0000
Microsoft speakers at Gartner Identity & Access Management Summit focus on permissions management, infrastructure attacks, and moving to cloud-based identity.
The post Connect with Microsoft Security experts at the 2022 Gartner Identity & Access Management Summit appeared first on Microsoft Security Blog.
Read moreCredit to Author: Microsoft 365 Defender Threat Intelligence Team| Date: Mon, 15 Aug 2022 16:00:00 +0000
The Microsoft Threat Intelligence Center (MSTIC) has observed and taken actions to disrupt campaigns launched by SEABORGIUM in campaigns involve persistent phishing and credential theft campaigns leading to intrusions and data theft.
The post Disrupting SEABORGIUM’s ongoing phishing operations appeared first on Microsoft Security Blog.
Read moreCredit to Author: Christine Barrett| Date: Mon, 08 Aug 2022 16:00:00 +0000
Corporate Governance scoring is increasingly important to boards of directors, executive leadership, and the investment community. Governance frameworks now incorporate aspects of IT security. Communicating the security message in ways that impact a company’s governance score is important to getting attention and investment from corporate leadership. This post examines a leading governance framework from Institutional Shareholder Services, Governance QualityScore, and the specifics of how IT security can increase a company’s score.
The post IT security: An opportunity to raise corporate governance scores appeared first on Microsoft Security Blog.
Read moreCredit to Author: Christine Barrett| Date: Thu, 04 Aug 2022 16:00:00 +0000
The threat landscape has changed over the last few years. A mitigation strategy involves collaboration between the security operations and IT infrastructure teams. There are three best practices to enable collaboration, highlighting the role of endpoint management in helping organizations unify their efforts in this blog.
The post How IT and security teams can work together to improve endpoint security appeared first on Microsoft Security Blog.
Read moreCredit to Author: Christine Barrett| Date: Wed, 03 Aug 2022 16:00:00 +0000
Microsoft Defender Experts for Hunting is now generally available. The security offering provides a proactive hunting service combining expert-trained technology with human-led services to hunt for threats across Microsoft 365 data.
The post Microsoft Defender Experts for Hunting proactively hunts threats appeared first on Microsoft Security Blog.
Read moreCredit to Author: Christine Barrett| Date: Tue, 02 Aug 2022 13:00:00 +0000
Defenders are up against the most sophisticated threat landscape we’ve ever seen. Today, we’re proud to execute our threat intelligence vision behind that acquisition and announce several new solutions to help security teams get ahead of adversaries and catch what others miss.
The post Microsoft announces new solutions for threat intelligence and attack surface management appeared first on Microsoft Security Blog.
Read moreCredit to Author: Christine Barrett| Date: Thu, 28 Jul 2022 16:00:00 +0000
Chief Executive Officer and owner of Ampere Industrial Security Patrick C. Miller discusses the security and hiring challenges of protecting industrial systems.
The post Industrial systems: What it takes to secure and staff them appeared first on Microsoft Security Blog.
Read moreCredit to Author: Microsoft 365 Defender Threat Intelligence Team| Date: Wed, 27 Jul 2022 14:00:00 +0000
MSTIC and MSRC disclose technical details of a private-sector offensive actor (PSOA) tracked as KNOTWEED using multiple Windows and Adobe 0-day exploits, including one for the recently patched CVE-2022-22047, in limited and targeted attacks against European and Central American customers.
The post Untangling KNOTWEED: European private-sector offensive actor using 0-day exploits appeared first on Microsoft Security Blog.
Read moreCredit to Author: Katie McCafferty| Date: Tue, 26 Jul 2022 17:00:00 +0000
Attackers are increasingly leveraging managed IIS extensions as covert backdoors into servers, providing a durable persistence mechanism for attacks.
The post Malicious IIS extensions quietly open persistent backdoors into servers appeared first on Microsoft Security Blog.
Read moreCredit to Author: Christine Barrett| Date: Tue, 26 Jul 2022 16:00:00 +0000
Microsoft Partner Director of Identity Security Alex Weinert talks with Nitika Gupta, a Microsoft Principal Product Manager who leads the team responsible for enterprise admin capabilities for identity security.
The post How one Microsoft product manager acts as champion for identity security appeared first on Microsoft Security Blog.
Read more