cybersecurity – Page 16 – PossibleThreat Articles

Credit to Author: Veronica Sun| Date: Tue, 04 Oct 2022 16:00:00 +0000

Cybersecurity Awareness Month is here. Get the #BeCybersmart education kit and learn how you can help your employees become cyber defenders.

The post Cybersecurity awareness tips from Microsoft to empower your team to #BeCyberSmart appeared first on Microsoft Security Blog.

Microsoft Security

Analyzing attacks using the Exchange vulnerabilities CVE-2022-41040 and CVE-2022-41082

September 30, 2022 0 Comments cybersecurity, exchange server, Microsoft, Microsoft security intelligence, Security, Vulnerabilities

Credit to Author: Katie McCafferty| Date: Sat, 01 Oct 2022 04:21:00 +0000

MSTIC observed activity related to a single activity group in August 2022 that achieved initial access and compromised Exchange servers by chaining CVE-2022-41040 and CVE-2022-41082 in a small number of targeted attacks.

The post Analyzing attacks using the Exchange vulnerabilities CVE-2022-41040 and CVE-2022-41082 appeared first on Microsoft Security Blog.

Microsoft Security

How one product manager builds community at Microsoft Security

September 29, 2022 0 Comments cybersecurity, Identity and access management

Credit to Author: Christine Barrett| Date: Thu, 29 Sep 2022 17:00:00 +0000

In this interview, Principal Product Manager Joey Cruz explains how his military experience inspires his work protecting customers in identity and access management at Microsoft.

The post How one product manager builds community at Microsoft Security appeared first on Microsoft Security Blog.

Microsoft Security

CSO perspective: Why a strong IAM strategy is key to an organization’s cybersecurity approach

September 29, 2022 0 Comments cybersecurity, voice of the community

Credit to Author: Christine Barrett| Date: Thu, 29 Sep 2022 16:00:00 +0000

Mastercard Deputy Chief Security Officer Alissa “Dr. Jay” Abdullah, Ph.D., shares insights on why identity and access management is necessary and strategies for securing identities.

The post CSO perspective: Why a strong IAM strategy is key to an organization’s cybersecurity approach appeared first on Microsoft Security Blog.

Microsoft Security

ZINC weaponizing open-source software

September 29, 2022 0 Comments cybersecurity, Microsoft, Microsoft security intelligence, nation-state actor, Security, Social engineering, zinc

Credit to Author: Katie McCafferty| Date: Thu, 29 Sep 2022 16:00:00 +0000

In recent months, Microsoft detected weaponization of legitimate open-source software by an actor the Microsoft Threat Intelligence Center (MSTIC) tracks as ZINC, targeting employees at media, defense and aerospace, and IT service provider organizations in the US, UK, India, and Russia.

The post ZINC weaponizing open-source software appeared first on Microsoft Security Blog.

Microsoft Security

Malicious OAuth applications abuse cloud email services to spread spam

September 23, 2022 0 Comments cybersecurity, exchange server, malicious oauth applications, Microsoft security intelligence, Spam

Credit to Author: Microsoft 365 Defender Threat Intelligence Team| Date: Thu, 22 Sep 2022 16:00:00 +0000

Microsoft discovered an attack where attackers installed a malicious OAuth application in compromised tenants and used their Exchange Online service to launch spam runs.

The post Malicious OAuth applications abuse cloud email services to spread spam appeared first on Microsoft Security Blog.

Microsoft Security

Malicious OAuth applications used to compromise email servers and spread spam

September 22, 2022 0 Comments cybersecurity, exchange server, malicious oauth applications, Microsoft security intelligence, Spam

Credit to Author: Microsoft 365 Defender Threat Intelligence Team| Date: Thu, 22 Sep 2022 16:00:00 +0000

Microsoft discovered an attack where attackers installed a malicious OAuth application in compromised tenants and used their Exchange servers to launch spam runs.

The post Malicious OAuth applications used to compromise email servers and spread spam appeared first on Microsoft Security Blog.

Microsoft Security

Rewards plus: Fake mobile banking rewards apps lure users to install info-stealing RAT on Android devices

September 21, 2022 0 Comments cybersecurity, Microsoft security intelligence, Mobile Security, mobile threats

Credit to Author: Microsoft 365 Defender Threat Intelligence Team| Date: Wed, 21 Sep 2022 17:00:00 +0000

A fake mobile banking rewards app delivered through a link in an SMS campaign has been making the rounds, targeting customers of Indian banking institutions. Users who install the mobile app are unknowingly installing an Android malware with remote access trojan (RAT) capabilities.

The post Rewards plus: Fake mobile banking rewards apps lure users to install info-stealing RAT on Android devices appeared first on Microsoft Security Blog.

Microsoft Security

The art and science behind Microsoft threat hunting: Part 2

September 21, 2022 0 Comments cybersecurity, dart, microsoft detection and response team (dart), Threat protection

Credit to Author: Matt Thomas| Date: Wed, 21 Sep 2022 16:00:00 +0000

In this follow-up post in our series about threat hunting, we talk about some general hunting strategies, frameworks, tools, and how Microsoft incident responders work with threat intelligence.

The post The art and science behind Microsoft threat hunting: Part 2 appeared first on Microsoft Security Blog.

Microsoft Security

New Windows 11 security features are designed for hybrid work

September 20, 2022 0 Comments cybersecurity

Credit to Author: Christine Barrett| Date: Tue, 20 Sep 2022 17:00:00 +0000

With Windows 11, you can protect your valuable data and enable secure hybrid work with the latest advanced security. We’re proud to announce the new security features you heard about this spring are now available.

The post New Windows 11 security features are designed for hybrid work appeared first on Microsoft Security Blog.