Test your team’s security readiness with the Gone Phishing Tournament

Credit to Author: Christine Barrett| Date: Thu, 15 Sep 2022 16:00:00 +0000

In partnership with Microsoft, Terranova created the Gone Phishing Tournament, an online phishing initiative that uses real-world simulations to establish accurate phishing clickthrough rates and additional benchmarking statistics for user behaviors.

The post Test your team’s security readiness with the Gone Phishing Tournament appeared first on Microsoft Security Blog.

Read more

Implementing a Zero Trust strategy after compromise recovery

Credit to Author: Matt Thomas| Date: Wed, 14 Sep 2022 16:00:00 +0000

After a compromise recovery follows what we call a Security Strategic Recovery. This is the plan for moving forward to get up to date with security posture all over the environment. The plan consists of different components like securing privileged access and extended detection and response, but it all points in the same direction: moving ahead with Zero Trust Strategy over traditional network-based security.

The post Implementing a Zero Trust strategy after compromise recovery appeared first on Microsoft Security Blog.

Read more

Secure your endpoints with Transparity and Microsoft

Credit to Author: Christine Barrett| Date: Tue, 13 Sep 2022 16:00:00 +0000

When it comes to cybersecurity, the ability to normalize and correlate disparate logs from different devices, appliances, and resources is key, as is the ability to react quickly when under attack. In this blog post, we explore the importance of EPP as an essential component in your security strategy.

The post Secure your endpoints with Transparity and Microsoft appeared first on Microsoft Security Blog.

Read more

The art and science behind Microsoft threat hunting: Part 1

Credit to Author: Christine Barrett| Date: Thu, 08 Sep 2022 16:00:00 +0000

At Microsoft, we define threat hunting as the practice of actively looking for cyberthreats that have covertly (or not so covertly) penetrated an environment. This involves looking beyond the known alerts or malicious threats to discover new potential threats and vulnerabilities.

The post The art and science behind Microsoft threat hunting: Part 1 appeared first on Microsoft Security Blog.

Read more

Microsoft investigates Iranian attacks against the Albanian government

Credit to Author: Paul Oliveria| Date: Thu, 08 Sep 2022 15:00:00 +0000

Shortly after the destructive cyberattacks on the Albanian government in mid-July, the Microsoft Detection and Response Team (DART) was engaged to lead an investigation into the attacks.

The post Microsoft investigates Iranian attacks against the Albanian government appeared first on Microsoft Security Blog.

Read more

Profiling DEV-0270: PHOSPHORUS’ ransomware operations

Credit to Author: Paul Oliveria| Date: Wed, 07 Sep 2022 21:00:00 +0000

Microsoft threat intelligence teams have been tracking multiple ransomware campaigns tied to DEV-0270, also known as Nemesis Kitten, a sub-group of Iranian actor PHOSPHORUS.

The post Profiling DEV-0270: PHOSPHORUS’ ransomware operations appeared first on Microsoft Security Blog.

Read more

One Microsoft manager’s entrepreneurial vision for multicloud identity and access

Credit to Author: Christine Barrett| Date: Wed, 07 Sep 2022 16:00:00 +0000

Balaji Parimi, Partner General Manager of Permissions Management in the Identity and Network Access Division at Microsoft, discusses what his startup background brings to his work in identity and access management.

The post One Microsoft manager’s entrepreneurial vision for multicloud identity and access appeared first on Microsoft Security Blog.

Read more

Vulnerability in TikTok Android app could lead to one-click account hijacking

Credit to Author: Katie McCafferty| Date: Wed, 31 Aug 2022 16:00:00 +0000

Microsoft discovered a high-severity vulnerability in the TikTok Android application, now identified as CVE-2022-28799 and fixed by TikTok, which could have allowed attackers to compromise users’ accounts with a single click.

The post Vulnerability in TikTok Android app could lead to one-click account hijacking appeared first on Microsoft Security Blog.

Read more

Stop Ransomware with Microsoft Security digital event presents threat intelligence in action

Credit to Author: Christine Barrett| Date: Wed, 31 Aug 2022 13:00:00 +0000

Join the Stop Ransomware with Microsoft Security digital event on September 15, 2022, to learn how to safeguard your organization from today’s attacks—and be ready for tomorrow’s.

The post Stop Ransomware with Microsoft Security digital event presents threat intelligence in action appeared first on Microsoft Security Blog.

Read more

Cyber Signals: 3 strategies for protection against ransomware

Credit to Author: Christine Barrett| Date: Tue, 30 Aug 2022 15:00:00 +0000

New Cyber Signals shows more than 80 percent of ransomware attacks can be traced to common configuration errors. Here’s how we can get ahead of these attacks together as a cyber defender community.

The post Cyber Signals: 3 strategies for protection against ransomware appeared first on Microsoft Security Blog.

Read more