Credit to Author: Ramya Chitrakar| Date: Mon, 04 Nov 2024 17:00:00 +0000
This blog examines the impact of QR code phishing campaigns and the innovative features of Microsoft Defender for Office 365 that help combat evolving cyberthreats.
The post How Microsoft Defender for Office 365 innovated to address QR code phishing attacks appeared first on Microsoft Security Blog.
Read moreCredit to Author: Microsoft Threat Intelligence| Date: Thu, 31 Oct 2024 17:00:00 +0000
Since August 2023, Microsoft has observed intrusion activity targeting and successfully stealing credentials from multiple Microsoft customers that is enabled by highly evasive password spray attacks. Microsoft has linked the source of these password spray attacks to a network of compromised devices we track as CovertNetwork-1658, also known as xlogin and Quad7 (7777). Microsoft is […]
The post Chinese threat actor Storm-0940 uses credentials from password spray attacks from a covert network appeared first on Microsoft Security Blog.
Read moreCredit to Author: Rob Lefferts| Date: Thu, 31 Oct 2024 17:00:00 +0000
Microsoft is positioned in the Leaders Category in the 2024 IDC MarketScape for worldwide SIEM for Enterprise—making it the third major analyst report in SIEM to name Microsoft as a Leader.
The post Microsoft now a Leader in three major analyst reports for SIEM appeared first on Microsoft Security Blog.
Read moreCredit to Author: Scott Woodgate| Date: Thu, 31 Oct 2024 16:00:00 +0000
The challenges that small and midsize businesses (SMBs) face when it comes to security continue to increase as it becomes more difficult to keep up with sophisticated cyberthreats with limited resources or security expertise. Research conducted highlights the top seven SMB cybersecurity trends and steps that can be taken to stay protected.
The post 7 cybersecurity trends and tips for small and medium businesses to stay protected appeared first on Microsoft Security Blog.
Read moreCredit to Author: Dasha Zenkovich| Date: Wed, 30 Oct 2024 16:00:00 +0000
Join us at Microsoft Ignite 2024 for sessions, keynotes, and networking aimed at giving you tools and strategies to put security first in your organization.
The post Microsoft Ignite: Sessions and demos to improve your security strategy appeared first on Microsoft Security Blog.
Read moreCredit to Author: Microsoft Threat Intelligence| Date: Tue, 29 Oct 2024 19:00:00 +0000
Since October 22, 2024, Microsoft Threat Intelligence has observed Russian threat actor Midnight Blizzard sending a series of highly targeted spear-phishing emails to individuals in government, academia, defense, non-governmental organizations, and other sectors. This activity is ongoing, and Microsoft will continue to investigate and provide updates as available. Based on our investigation of previous Midnight […]
The post Midnight Blizzard conducts large-scale spear-phishing campaign using RDP files appeared first on Microsoft Security Blog.
Read moreCredit to Author: Sherrod DeGrippo| Date: Tue, 22 Oct 2024 16:00:00 +0000
Healthcare organizations are an attractive target for ransomware attacks. Read our latest blog post to learn why and get strategies to protect yourself from cyberthreats.
The post Microsoft Threat Intelligence healthcare ransomware report highlights need for collective industry action appeared first on Microsoft Security Blog.
Read moreCredit to Author: Microsoft Threat Intelligence| Date: Thu, 17 Oct 2024 16:00:00 +0000
Microsoft Threat Intelligence uncovered a macOS vulnerability that could potentially allow an attacker to bypass the operating system’s Transparency, Consent, and Control (TCC) technology and gain unauthorized access to a user’s protected data. The vulnerability, which we refer to as “HM Surf”, involves removing the TCC protection for the Safari browser directory and modifying a […]
The post New macOS vulnerability, “HM Surf”, could lead to unauthorized data access appeared first on Microsoft Security Blog.
Read moreCredit to Author: Tom Burt| Date: Tue, 15 Oct 2024 14:00:00 +0000
We must find a way to stem the tide of this malicious cyber activity. That includes continuing to harden our digital domains to protect our networks, data, and people at all levels. However, this challenge will not be accomplished solely by executing a checklist of cyber hygiene measures but only through a focus on and commitment to the foundations of cyber defense from the individual user to the corporate executive and to government leaders.
The post Escalating cyber threats demand stronger global defense and cooperation appeared first on Microsoft Security Blog.
Read moreCredit to Author: David Weston| Date: Fri, 11 Oct 2024 17:00:00 +0000
Kerberoasting, a well-known Active Directory (AD) attack vector, enables threat actors to steal credentials and navigate through devices and networks. Microsoft is sharing recommended actions administrators can take now to help prevent successful Kerberoasting cyberattacks.
The post Microsoft’s guidance to help mitigate Kerberoasting appeared first on Microsoft Security Blog.
Read more