cybersecurity – Page 21 – PossibleThreat Articles

From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud

July 12, 2022 0 Comments business email compromise (bec), cybersecurity, Microsoft security intelligence, phishing

Credit to Author: Paul Oliveria| Date: Tue, 12 Jul 2022 16:00:00 +0000

A large-scale phishing campaign that attempted to target over 10,000 organizations since September 2021 used adversary-in-the-middle (AiTM) phishing sites to steal passwords, hijack a user’s sign-in session, and skip the authentication process, even if the user had enabled multifactor authentication (MFA).

The post From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud appeared first on Microsoft Security Blog.

Microsoft Security

Introducing security for unmanaged devices in the Enterprise network with Microsoft Defender for IoT

July 11, 2022 0 Comments cybersecurity, iot security, microsoft defender for iot

Credit to Author: Christine Barrett| Date: Mon, 11 Jul 2022 16:00:00 +0000

Microsoft Defender IoT is generally available to help organizations challenged with securing unmanaged Internet of Things devices connected to the network.

The post Introducing security for unmanaged devices in the Enterprise network with Microsoft Defender for IoT appeared first on Microsoft Security Blog.

Microsoft Security

Hive ransomware gets upgrades in Rust

July 5, 2022 0 Comments cybersecurity, hive, Microsoft security intelligence, mstic, Ransomware, Ransomware as a Service

Credit to Author: Microsoft 365 Defender Threat Intelligence Team| Date: Tue, 05 Jul 2022 16:00:00 +0000

With its latest variant carrying several major upgrades, Hive proves it’s one of the fastest evolving ransomware payload, exemplifying the continuously changing ransomware ecosystem.

The post Hive ransomware gets upgrades in Rust appeared first on Microsoft Security Blog.

Microsoft Security

Toll fraud malware: How an Android application can drain your wallet

June 30, 2022 0 Comments Android, cybersecurity, Microsoft security intelligence, toll fraud malware

Credit to Author: Microsoft 365 Defender Threat Intelligence Team| Date: Thu, 30 Jun 2022 14:00:00 +0000

Toll fraud malware, a subcategory of billing fraud in which malicious applications subscribe users to premium services without their knowledge or consent, is one of the most prevalent types of Android malware – and it continues to evolve.

The post Toll fraud malware: How an Android application can drain your wallet appeared first on Microsoft Security Blog.

Microsoft Security

Using process creation properties to catch evasion techniques

June 30, 2022 0 Comments cybersecurity, detection evasion, Microsoft security intelligence, process creation, process injection

Credit to Author: Microsoft 365 Defender Threat Intelligence Team| Date: Thu, 30 Jun 2022 13:30:00 +0000

We developed a robust detection method in Microsoft Defender for Endpoint that can catch known and unknown variations of a process execution class used by attackers to evade detection. This class of stealthy execution techniques include process doppelganging, process herpadering, and process ghosting.

The post Using process creation properties to catch evasion techniques appeared first on Microsoft Security Blog.

Microsoft Security

Microsoft at RSA 2022: Envisioning the future of security

June 29, 2022 0 Comments cybersecurity

Credit to Author: Emma Jones| Date: Wed, 29 Jun 2022 16:00:00 +0000

The 2022 RSA Conference was a great success, drawing 26,000 attendees to three days of cutting-edge security sessions, tutorials, seminars, and special events at Moscone Center in San Francisco. Microsoft Security was on the ground, interacting with customers and security professionals at Microsoft’s 20-plus earned sessions, as well as showcasing new solutions like Microsoft Entra that help realize our goal of comprehensive security.

The post Microsoft at RSA 2022: Envisioning the future of security appeared first on Microsoft Security Blog.

Microsoft Security

How security leaders can help their teams avoid burnout

June 28, 2022 0 Comments cybersecurity, voice of the community

Credit to Author: Christine Barrett| Date: Tue, 28 Jun 2022 16:00:00 +0000

Maria Markstedter, CEO of Azeria Labs, shares insights on the growing interest in Arm assembly and strategies to help security professionals avoid burnout.

The post How security leaders can help their teams avoid burnout appeared first on Microsoft Security Blog.

Microsoft Security

4 breakthrough ideas for compliance and data security

June 27, 2022 0 Comments cybersecurity, Data governance, data protection, microsoft purview

Credit to Author: Christine Barrett| Date: Mon, 27 Jun 2022 16:00:00 +0000

Learn how Zero Trust and other data protection strategies can help you overcome four key challenges in compliance management and data governance.

The post 4 breakthrough ideas for compliance and data security appeared first on Microsoft Security Blog.

Microsoft Security

Detecting malicious key extractions by compromised identities for Azure Cosmos DB

June 23, 2022 0 Comments cybersecurity

Credit to Author: Christine Barrett| Date: Thu, 23 Jun 2022 16:00:00 +0000

Azure Cosmos DB is a fully managed NoSQL cloud database service for modern app development. It offers a variety of advanced built-in features, such as automatic worldwide data replication, lightning-fast response types, and a variety of APIs. In this blog post, we describe security practices for securing access to Azure Cosmos DB and show how monitoring relevant control plane operations can help in the detection of potentially compromised authorization.

The post Detecting malicious key extractions by compromised identities for Azure Cosmos DB appeared first on Microsoft Security Blog.

QuickHeal Security