cybersecurity – Page 27 – PossibleThreat Articles

Credit to Author: Christine Barrett| Date: Tue, 05 Apr 2022 15:00:00 +0000

Attackers haven’t wasted any time capitalizing on the rapid move to hybrid work. Every day cyber criminals and nation states alike have improved their targeting, speed and accuracy as the world adapted to working outside the office.

The post New security features for Windows 11 will help protect hybrid work appeared first on Microsoft Security Blog.

Microsoft Security

SpringShell RCE vulnerability: Guidance for protecting against and detecting CVE-2022-22965

April 4, 2022 0 Comments cybersecurity, Microsoft security intelligence, spring framework, springshell, Vulnerabilities

Credit to Author: Paul Oliveria| Date: Tue, 05 Apr 2022 01:11:24 +0000

Microsoft provides guidance for customers looking for protection against exploitation and ways to detect vulnerable installations on their network of the critical vulnerability CVE-2022-22965, also known as SpringShell or Spring4Shell.

The post SpringShell RCE vulnerability: Guidance for protecting against and detecting CVE-2022-22965 appeared first on Microsoft Security Blog.

Microsoft Security

Microsoft CRSP shares the ways human behavior affects compromise recovery

April 4, 2022 0 Comments cybersecurity, security operations

Credit to Author: Christine Barrett| Date: Mon, 04 Apr 2022 17:00:00 +0000

The importance of assessing and supporting the human aspect of recovery based on our experiences of recovering organizations.

The post Microsoft CRSP shares the ways human behavior affects compromise recovery appeared first on Microsoft Security Blog.

Microsoft Security

Microsoft protects against human-operated ransomware across the full attack chain in the 2022 MITRE Engenuity ATT&CK® Evaluations

March 31, 2022 0 Comments cybersecurity, Microsoft security intelligence, mitre att&ck, mitre engenuity

Credit to Author: Paul Oliveria| Date: Thu, 31 Mar 2022 20:27:12 +0000

For the fourth year in a row, the independent MITRE Engenuity ATT&CK® Evaluations demonstrated that threats are no match for Microsoft’s multi-platform extended detection and response (XDR) defense capabilities.

The post Microsoft protects against human-operated ransomware across the full attack chain in the 2022 MITRE Engenuity ATT&CK® Evaluations appeared first on Microsoft Security Blog.

Microsoft Security

3 strategies to launch an effective data governance plan

March 31, 2022 0 Comments Compliance, compliance series, cybersecurity, Data governance

Credit to Author: Emma Jones| Date: Thu, 31 Mar 2022 17:00:00 +0000

A data governance plan can help you effectively govern sensitive data so you can reduce risks from data breaches or leaks. Read three steps to launch a data governance plan.

The post 3 strategies to launch an effective data governance plan appeared first on Microsoft Security Blog.

Microsoft Security

3 steps to secure your multicloud and hybrid infrastructure with Azure Arc

March 29, 2022 0 Comments azure arc, azure information protection, cybersecurity, microsoft defender for cloud, secure remote work

Credit to Author: Lauren Goodwin| Date: Tue, 29 Mar 2022 16:00:00 +0000

In this blog, we will share how you can increase security for on-premises and hybrid infrastructure through offerings including Azure Arc, Microsoft Defender for Cloud, and Secured-core for Azure Stack HCI.

The post 3 steps to secure your multicloud and hybrid infrastructure with Azure Arc appeared first on Microsoft Security Blog.

MalwareBytes Security

Telling stories securely, with Runa Sandvik: Lock and Code S03E07

March 28, 2022 0 Comments cybersecurity, journalist, NSA, Podcast, reality winner, runa sandvik, securedrop, the intercept, Tor, whistleblower

Credit to Author: Malwarebytes Labs| Date: Mon, 28 Mar 2022 15:40:41 +0000

In 2017, a former NSA contractor named Reality Winner was arrested for allegedly leaking an internal report to the online news outlet The Intercept. To verify the report itself, a journalist for The Intercept sent an image of the report to the NSA, but upon further inspection, it was revealed that the image was actually…

The post Telling stories securely, with Runa Sandvik: Lock and Code S03E07 appeared first on Malwarebytes Labs.

Microsoft Security

How a leading Microsoft engineer extends culture to service resiliency

March 23, 2022 0 Comments cybersecurity, Identity and access management, identity and access management series

Credit to Author: Emma Jones| Date: Wed, 23 Mar 2022 16:00:00 +0000

Nadim Abdo, Corporate Vice President of Identity and Network Access Engineering, talks with principal software engineering manager, Huiwen Ru, on her groundbreaking work to make cloud services resilient.

The post How a leading Microsoft engineer extends culture to service resiliency appeared first on Microsoft Security Blog.

Microsoft Security

DEV-0537 criminal actor targeting organizations for data exfiltration and destruction

March 22, 2022 0 Comments cybersecurity, microsoft security, Microsoft security intelligence

Credit to Author: Katie McCafferty| Date: Tue, 22 Mar 2022 22:02:50 +0000

The activity we have observed has been attributed to a threat group that Microsoft tracks as DEV-0537, also known as LAPSUS$. DEV-0537 is known for using a pure extortion and destruction model without deploying ransomware payloads.

The post DEV-0537 criminal actor targeting organizations for data exfiltration and destruction appeared first on Microsoft Security Blog.

Security Sophos

As Russia’s ground advance stalls, Biden warns of an increase in cyberattacks

March 22, 2022 0 Comments cisa, cyber conflict, cybersecurity, featured, russia, security operations, ukraine

Credit to Author: Chester Wisniewski| Date: Tue, 22 Mar 2022 15:44:34 +0000

The U.S. President releases a statement that Russia’s cyber focus may be shifting towards cyber-offensive action against Western organizations and infrastructure