Microsoft – Page 52 – PossibleThreat Articles

Credit to Author: Eric Avena| Date: Tue, 26 Nov 2019 18:09:21 +0000

In Gartner’s annual Magic Quadrant for Enterprise Information Archiving (EIA), Microsoft was named a Leader again.

The post Gartner Names Microsoft a Leader in the 2019 Enterprise Information Archiving (EIA) Magic Quadrant appeared first on Microsoft Security .

Microsoft Security

Insights from one year of tracking a polymorphic threat

November 26, 2019 0 Comments behavior monitoring, behavior-based machine learning, behavioral blocking and containment, cybersecurity, dexphot, fileless, Microsoft security intelligence, polymorphic malware

Credit to Author: Eric Avena| Date: Tue, 26 Nov 2019 17:00:56 +0000

We discovered the polymoprhic threat Dexphot in October 2018. In the months that followed, we closely tracked the threat as attackers upgraded the malware, targeted new processes, and worked around defensive measures. One year’s worth of intelligence helped us gain insight not only into the goals and motivations of Dexphot’s authors, but of cybercriminals in general.

The post Insights from one year of tracking a polymorphic threat appeared first on Microsoft Security .

Microsoft Security

Going in-depth on the Windows 10 random number generation infrastructure

November 25, 2019 0 Comments cybersecurity, entropy system, Microsoft security intelligence, prng, pseudo-random number generator, random number generation, rng, Windows 10

Credit to Author: Eric Avena| Date: Mon, 25 Nov 2019 19:00:33 +0000

We are happy to release to the public The Windows 10 random number generation infrastructure white paper, which provides details about the Windows 10 pseudo-random number generator (PRNG) infrastructure, and lists the primary RNG APIs. The whitepaper also explains how the entropy system works, what the entropy sources are, and how initial seeding works.

The post Going in-depth on the Windows 10 random number generation infrastructure appeared first on Microsoft Security .

Microsoft Security

Rethinking cyber learning—consider gamification

November 25, 2019 0 Comments CISO series, Ciso series page, Microsoft security intelligence, phishing, Threat protection

Credit to Author: Todd VanderArk| Date: Mon, 25 Nov 2019 17:00:55 +0000

Gamified cybersecurity solutions offer immense promise by giving users practical, hands-on opportunities to learn by doing. Microsoft and Circadence are partnering to deliver Azure-hosted cyber range learning solutions for beginners up to advanced SecOps pros. Gamification is an increasingly important way for enterprises to attract tomorrow’s cyber pro talent and create tailored learning and more defined career paths and progression.

The post Rethinking cyber learning—consider gamification appeared first on Microsoft Security .

Microsoft Security

Changing security incident response by utilizing the power of the cloud—DART tools, techniques, and procedures: part 1

November 14, 2019 0 Comments Azure Security, Microsoft Cloud App Security, Microsoft Defender Advanced Threat Protection, Microsoft Defender ATP, microsoft detection and response team (dart)

Credit to Author: Todd VanderArk| Date: Thu, 14 Nov 2019 17:00:56 +0000

A series on DART’s tools, techniques, and procedures for investigating cybersecurity incidents at their customer organizations. Part 1 introduces the team and gives a brief overview of the tools that DART utilizes.

The post Changing security incident response by utilizing the power of the cloud—DART tools, techniques, and procedures: part 1 appeared first on Microsoft Security .

Microsoft Security

Zero Trust strategy—what good looks like

November 11, 2019 0 Comments CISO series, Ciso series page, Identity and access management, Security Intelligence, Zero Trust

Credit to Author: Todd VanderArk| Date: Mon, 11 Nov 2019 17:00:11 +0000

Zero Trust is a model that will ultimately be infused throughout your enterprise and should inform virtually all access decisions and interactions between systems.

The post Zero Trust strategy—what good looks like appeared first on Microsoft Security .

Microsoft Security

Microsoft works with researchers to detect and protect against new RDP exploits

November 7, 2019 0 Comments BlueKeep, cve-2019-0708, cybersecurity, Exploit, Microsoft security intelligence, Remote Desktop Protocol (RDP)

Credit to Author: Eric Avena| Date: Thu, 07 Nov 2019 21:05:30 +0000

The new exploit attacks show that BlueKeep will be a threat as long as systems remain unpatched, credential hygiene is not achieved, and overall security posture is not kept in check.

The post Microsoft works with researchers to detect and protect against new RDP exploits appeared first on Microsoft Security .

Microsoft Security

Thinking about the balance between compliance and security

November 7, 2019 0 Comments CISO series, Ciso series page, Information/data protection, Security strategies

Credit to Author: Todd VanderArk| Date: Tue, 05 Nov 2019 17:00:55 +0000

Ann Johnson shares best practices and tips on how to balance security with privacy compliance from her visit with Emma Smith, Global Security Director at Vodafone Group.

The post Thinking about the balance between compliance and security appeared first on Microsoft Security .

Microsoft Security

How to balance compliance and security with limited resources

November 5, 2019 0 Comments CISO series, Ciso series page, Information/data protection, Security strategies

Credit to Author: Todd VanderArk| Date: Tue, 05 Nov 2019 17:00:55 +0000

Ann Johnson shares best practices and tips on how to balance security with privacy compliance from her visit with Emma Smith, Global Security Director at Vodafone Group.

The post How to balance compliance and security with limited resources appeared first on Microsoft Security .