MERCURY leveraging Log4j 2 vulnerabilities in unpatched systems to target Israeli organizations

Credit to Author: Paul Oliveria | Date: Thu, 25 Aug 2022 16:00:00 +0000

Microsoft detected an Iran-based threat actor the Microsoft Threat Intelligence Center (MSTIC) tracks as MERCURY leveraging exploitation of Log4j 2 vulnerabilities in SysAid applications against organizations located in Israel.

The post MERCURY leveraging Log4j 2 vulnerabilities in unpatched systems to target Israeli organizations appeared first on Microsoft Security Blog.


Microsoft Security highlights from Black Hat USA 2022

Credit to Author: Christine Barrett | Date: Thu, 25 Aug 2022 16:00:00 +0000

Black Hat USA 2022 marked the twenty-fifth year that security researchers, security architects, and other security professionals have gathered to share the latest research, developments, and trends. Here are the highlights from the Microsoft Security booth.

The post Microsoft Security highlights from Black Hat USA 2022 appeared first on Microsoft Security Blog.


MagicWeb: NOBELIUM’s post-compromise trick to authenticate as anyone

Credit to Author: Paul Oliveria | Date: Wed, 24 Aug 2022 17:00:00 +0000

Microsoft security researchers have discovered a post-compromise capability we’re calling MagicWeb, which is used by a threat actor we track as NOBELIUM to maintain persistent access to compromised environments.

The post MagicWeb: NOBELIUM’s post-compromise trick to authenticate as anyone appeared first on Microsoft Security Blog.


Data governance: 5 tips for holistic data protection

Credit to Author: Christine Barrett | Date: Wed, 24 Aug 2022 16:00:00 +0000

Proactive data governance offers a holistic approach that conserves resources and simplifies the protection of your data assets. Microsoft Purview provides a comprehensive data governance solution designed to help manage your on-premises, multicloud, and software as a service (SaaS) data. Here are five ways it can help.

The post Data governance: 5 tips for holistic data protection appeared first on Microsoft Security Blog.


Looking for the ‘Sliver’ lining: Hunting for emerging command-and-control frameworks

Credit to Author: Paul Oliveria | Date: Wed, 24 Aug 2022 16:00:00 +0000

Threat actors evade detection by adopting the Sliver command-and-control (C2) framework in intrusion campaigns.

The post Looking for the ‘Sliver’ lining: Hunting for emerging command-and-control frameworks appeared first on Microsoft Security Blog.


Microsoft recognized as a Leader in the 2022 Gartner® Magic Quadrant™ for Unified Endpoint Management Tools

Credit to Author: Christine Barrett | Date: Mon, 22 Aug 2022 16:00:00 +0000

This month, Microsoft has been recognized by Gartner as a Leader in the 2022 Magic Quadrant for Unified Endpoint Management Tools. This blog post outlines the “so what” for IT leaders, and why we believe this Gartner analysis deserves your focus right now.

The post Microsoft recognized as a Leader in the 2022 Gartner® Magic Quadrant™ for Unified Endpoint Management Tools appeared first on Microsoft Security Blog.


Cyber Signals: Defend against the new ransomware landscape

Credit to Author: Christine Barrett | Date: Mon, 22 Aug 2022 13:00:00 +0000

Today, Microsoft is excited to publish our second edition of Cyber Signals, spotlighting security trends and insights gathered from Microsoft’s 43 trillion security signals and 8,500 security experts. In this edition, we pull back the curtain on the evolving cybercrime economy and the rise of Ransomware-as-a-service (RaaS).

The post Cyber Signals: Defend against the new ransomware landscape appeared first on Microsoft Security Blog.


Uncovering a ChromeOS remote memory corruption vulnerability

Credit to Author: Katie McCafferty | Date: Fri, 19 Aug 2022 21:38:06 +0000

Microsoft discovered a memory corruption vulnerability in a ChromeOS component that could have been triggered remotely, allowing attackers to perform either a denial-of-service (DoS) or, in extreme cases, remote code execution (RCE).

The post Uncovering a ChromeOS remote memory corruption vulnerability appeared first on Microsoft Security Blog.


Hardware-based threat defense against increasingly complex cryptojackers

Credit to Author: Microsoft 365 Defender Threat Intelligence Team | Date: Thu, 18 Aug 2022 17:00:00 +0000

To provide advanced protection against increasingly complex and evasive cryptojackers, Microsoft Defender Antivirus integrates with Intel® Threat Detection Technology (TDT) that applies machine learning to low-level CPU telemetry in detecting cryptojackers, even when the malware is obfuscated and can evade security tools.

The post Hardware-based threat defense against increasingly complex cryptojackers appeared first on Microsoft Security Blog.
