Microsoft – Page 6 – PossibleThreat Articles

Credit to Author: Joy Chik| Date: Mon, 26 Aug 2024 16:00:00 +0000

United States Government agencies are adopting Microsoft Entra ID to consolidate siloed identity solutions, reduce operational complexity, and improve control and visibility across all users.

The post How Microsoft Entra ID supports US government agencies in meeting identity security requirements appeared first on Microsoft Security Blog.

Microsoft Security

Microsoft AI Tour: Hear the latest product innovations to elevate your security strategy

August 23, 2024 0 Comments

Credit to Author: Jessica Afeku| Date: Thu, 22 Aug 2024 16:00:00 +0000

The Microsoft AI Tour is coming to a city near you. Join a free, one-day tour event to learn how we are making AI deployment more secure.

The post Microsoft AI Tour: Hear the latest product innovations to elevate your security strategy appeared first on Microsoft Security Blog.

Microsoft Security

Microsoft again ranked number one in modern endpoint security market share

August 23, 2024 0 Comments

Credit to Author: Rob Lefferts| Date: Wed, 21 Aug 2024 16:00:00 +0000

IDC Worldwide Corporate Endpoint Security Market Shares report for 2023 ranks Microsoft number one in market share with a 40.7% increase in share over last year.

The post Microsoft again ranked number one in modern endpoint security market share appeared first on Microsoft Security Blog.

Microsoft Security

Chained for attack: OpenVPN vulnerabilities discovered leading to RCE and LPE

August 14, 2024 0 Comments Android, MacOS, Windows

Credit to Author: Microsoft Threat Intelligence| Date: Thu, 08 Aug 2024 18:00:00 +0000

Microsoft researchers found multiple vulnerabilities in OpenVPN that could lead to an attack chain allowing remote code execution and local privilege escalation. This attack chain could enable attackers to gain full control over targeted endpoints, potentially resulting in data breaches, system compromise, and unauthorized access to sensitive information.

The post Chained for attack: OpenVPN vulnerabilities discovered leading to RCE and LPE appeared first on Microsoft Security Blog.

Microsoft Security

How Microsoft and NIST are collaborating to advance the Zero Trust Implementation

August 10, 2024 0 Comments

Credit to Author: Mark Simos| Date: Tue, 06 Aug 2024 20:00:00 +0000

Both Microsoft and the National Institute of Standards and Technology (NIST) National Cyber security Center of Excellence (NCCoE) have translated the Zero Trust Architecture (ZTA) and Security Model into practical and actionable deployment. In this blog post, we explore details of their collaboration on a Zero Trust (ZT) implementation and what this learning pathway means for your organization.

The post How Microsoft and NIST are collaborating to advance the Zero Trust Implementation appeared first on Microsoft Security Blog.

Microsoft Security

Ransomware operators exploit ESXi hypervisor vulnerability for mass encryption

August 3, 2024 0 Comments Ransomware, storm

Credit to Author: Microsoft Threat Intelligence| Date: Mon, 29 Jul 2024 16:00:00 +0000

Microsoft Security researchers have observed a vulnerability used by various ransomware operators to get full administrative access to domain-joined ESXi hypervisors and encrypt the virtual machines running on them. The vulnerability involves creating a group called “ESX Admins” in Active Directory and adding an attacker-controlled user account to this group. This manipulation of the Active Directory group takes advantage of a privilege escalation vulnerability (CVE-2024-37085) in ESXi hypervisors that grants the added user full administrative access to the ESXi hypervisor. The vulnerability was fixed by VMware in their June release and ESXi administrators should install this security update.

The post Ransomware operators exploit ESXi hypervisor vulnerability for mass encryption appeared first on Microsoft Security Blog.

Microsoft Security

New Microsoft whitepaper shares how to prepare your data for secure AI adoption

August 2, 2024 0 Comments Microsoft 365

Credit to Author: Herain Oberoi| Date: Tue, 30 Jul 2024 16:00:00 +0000

In our newly released whitepaper, we share strategies to prepare for the top data challenges and new data security needs in the age of AI.

The post New Microsoft whitepaper shares how to prepare your data for secure AI adoption appeared first on Microsoft Security Blog.

Microsoft Security

Windows Security best practices for integrating and managing security tools

July 31, 2024 0 Comments

Credit to Author: David Weston| Date: Sat, 27 Jul 2024 22:24:03 +0000

We examine the recent CrowdStrike outage and provide a technical overview of the root cause.

The post Windows Security best practices for integrating and managing security tools appeared first on Microsoft Security Blog.

Microsoft Security

Onyx Sleet uses array of malware to gather intelligence for North Korea

July 31, 2024 0 Comments log4j, sleet

Credit to Author: Microsoft Threat Intelligence| Date: Thu, 25 Jul 2024 15:57:18 +0000

On July 25, 2024, the United States Department of Justice (DOJ) indicted an individual linked to the North Korean threat actor that Microsoft tracks as Onyx Sleet. Microsoft Threat Intelligence collaborated with the Federal Bureau of Investigation (FBI) in tracking activity associated with Onyx Sleet. We will continue to closely monitor Onyx Sleet’s activity to assess changes following the indictment.

The post Onyx Sleet uses array of malware to gather intelligence for North Korea appeared first on Microsoft Security Blog.

Microsoft Security

Zero Trust in the Age of AI: Join our online event to learn how to strengthen your security posture

July 24, 2024 0 Comments

Credit to Author: Microsoft Security Team| Date: Wed, 24 Jul 2024 16:00:00 +0000

Register for the “Zero Trust in the Age of AI” webcast to learn more about how our new capabilities in identity and network access and security operations make it easier to implement Zero Trust across your entire environment.

The post Zero Trust in the Age of AI: Join our online event to learn how to strengthen your security posture appeared first on Microsoft Security Blog.