Credit to Author: Benjamin Lim| Date: Thu, 19 Sep 2024 16:00:00 +0000
Join us in November 2024 in Chicago for Microsoft Ignite to connect with industry leaders and learn about our newest solutions and innovations.
The post Join us at Microsoft Ignite 2024 and learn to build a security-first culture with AI appeared first on Microsoft Security Blog.
Read moreCredit to Author: Vasu Jakkal| Date: Wed, 18 Sep 2024 16:00:00 +0000
End-to-end security is a modern, comprehensive approach to data protection that aligns data protection and incident response across devices, systems, and users. Read the blog post to explore why it’s an attractive option for organizations committed to strengthening their cybersecurity.
The post How comprehensive security simplifies the defense of your digital estate appeared first on Microsoft Security Blog.
Read moreCredit to Author: Microsoft Threat Intelligence and Microsoft Security Response Center (MSRC)| Date: Fri, 30 Aug 2024 16:00:00 +0000
Microsoft identified a North Korean threat actor exploiting a zero-day vulnerability in Chromium (CVE-2024-7971) to gain remote code execution (RCE) in the Chromium renderer process. Our assessment of ongoing analysis and observed infrastructure attributes this activity to Citrine Sleet, a North Korean threat actor that commonly targets the cryptocurrency sector for financial gain.
The post North Korean threat actor Citrine Sleet exploiting Chromium zero-day appeared first on Microsoft Security Blog.
Read moreCredit to Author: Microsoft Incident Response| Date: Wed, 28 Aug 2024 19:00:00 +0000
In this blog post, read how Microsoft Incident Response leverages three types of threat intelligence to enhance incident response scenarios.
The post The art and science behind Microsoft threat hunting: Part 3 appeared first on Microsoft Security Blog.
Read moreCredit to Author: Microsoft Threat Intelligence| Date: Wed, 28 Aug 2024 15:00:00 +0000
Between April and July 2024, Microsoft observed Iranian state-sponsored threat actor Peach Sandstorm deploying a new custom multi-stage backdoor, which we named Tickler. Tickler has been used in attacks against targets in the satellite, communications equipment, oil and gas, as well as federal and state government sectors in the United States and the United Arab […]
The post Peach Sandstorm deploys new custom Tickler malware in long-running intelligence gathering operations appeared first on Microsoft Security Blog.
Read moreCredit to Author: Joy Chik| Date: Mon, 26 Aug 2024 16:00:00 +0000
United States Government agencies are adopting Microsoft Entra ID to consolidate siloed identity solutions, reduce operational complexity, and improve control and visibility across all users.
The post How Microsoft Entra ID supports US government agencies in meeting identity security requirements appeared first on Microsoft Security Blog.
Read moreCredit to Author: Jessica Afeku| Date: Thu, 22 Aug 2024 16:00:00 +0000
The Microsoft AI Tour is coming to a city near you. Join a free, one-day tour event to learn how we are making AI deployment more secure.
The post Microsoft AI Tour: Hear the latest product innovations to elevate your security strategy appeared first on Microsoft Security Blog.
Read moreCredit to Author: Rob Lefferts| Date: Wed, 21 Aug 2024 16:00:00 +0000
IDC Worldwide Corporate Endpoint Security Market Shares report for 2023 ranks Microsoft number one in market share with a 40.7% increase in share over last year.
The post Microsoft again ranked number one in modern endpoint security market share appeared first on Microsoft Security Blog.
Read moreCredit to Author: Microsoft Threat Intelligence| Date: Thu, 08 Aug 2024 18:00:00 +0000
Microsoft researchers found multiple vulnerabilities in OpenVPN that could lead to an attack chain allowing remote code execution and local privilege escalation. This attack chain could enable attackers to gain full control over targeted endpoints, potentially resulting in data breaches, system compromise, and unauthorized access to sensitive information.
The post Chained for attack: OpenVPN vulnerabilities discovered leading to RCE and LPE appeared first on Microsoft Security Blog.
Read moreCredit to Author: Mark Simos| Date: Tue, 06 Aug 2024 20:00:00 +0000
Both Microsoft and the National Institute of Standards and Technology (NIST) National Cyber security Center of Excellence (NCCoE) have translated the Zero Trust Architecture (ZTA) and Security Model into practical and actionable deployment. In this blog post, we explore details of their collaboration on a Zero Trust (ZT) implementation and what this learning pathway means for your organization.
The post How Microsoft and NIST are collaborating to advance the Zero Trust Implementation appeared first on Microsoft Security Blog.
Read more