Rapid Response: The Ngrok Incident Guide

Credit to Author: Angela Gunn| Date: Thu, 14 Jul 2022 08:01:51 +0000

Ngrok is a legitimate remote-access tool. It is regularly abused by attackers, who use its capabilities and reputation to maneuver while bypassing network protections. This incident guide shows Security Operations Centers (SOCs) and response teams how to detect and respond to the suspicious presence or use of ngrok on the network.

Ghost in the shell: Investigating web shell attacks

Credit to Author: Eric Avena| Date: Tue, 04 Feb 2020 17:30:40 +0000

Web shell attacks allow adversaries to run commands and steal data from an Internet-facing server or use the server as a launch pad for further attacks against the affected organization.

The post Ghost in the shell: Investigating web shell attacks appeared first on Microsoft Security.

CISO series: Lessons learned from the Microsoft SOC—Part 3b: A day in the life

Credit to Author: Todd VanderArk| Date: Mon, 23 Dec 2019 17:00:57 +0000

In this next post in our series, we provide insight into a day in the life of our SOC analysts investigating common front door attacks.

The post CISO series: Lessons learned from the Microsoft SOC—Part 3b: A day in the life appeared first on Microsoft Security.

Norsk Hydro responds to ransomware attack with transparency

Credit to Author: Todd VanderArk| Date: Tue, 17 Dec 2019 21:00:57 +0000

Aluminum supplier Norsk Hydro was attacked by LockerGoga, a form of ransomware. Learn how the company recovered and got back to business as usual.

The post Norsk Hydro responds to ransomware attack with transparency appeared first on Microsoft Security.

Ransomware response—to pay or not to pay?

Credit to Author: Todd VanderArk| Date: Mon, 16 Dec 2019 17:00:07 +0000

As part of Microsoft’s Detection and Response Team (DART) Incident Response engagements, we regularly get asked by customers about “paying the ransom” following a ransomware attack.

The post Ransomware response—to pay or not to pay? appeared first on Microsoft Security.

How security orchestration improves detection and response

Credit to Author: Pieter Arntz| Date: Wed, 02 Oct 2019 19:20:10 +0000

Security orchestration is a regulator that makes sure security solutions, often from different vendors, work well together to automate response and keep organizations safe.

The post How security orchestration improves detection and response appeared first on Malwarebytes Labs.

Explained: how security orchestration improves protection and response

Credit to Author: Pieter Arntz| Date: Wed, 02 Oct 2019 19:20:10 +0000

Security orchestration is a regulator that makes sure security solutions, often from different vendors, work well together to automate response and keep organizations safe.

The post Explained: how security orchestration improves protection and response appeared first on Malwarebytes Labs.

Explained: security orchestration

Credit to Author: Pieter Arntz| Date: Wed, 02 Oct 2019 19:20:10 +0000

Security orchestration is a regulator that makes sure security solutions, often from different vendors, work well together to automate response and keep organizations safe.

The post Explained: security orchestration appeared first on Malwarebytes Labs.

Overview of the Marsh-Microsoft 2019 Global Cyber Risk Perception survey results

Credit to Author: Todd VanderArk| Date: Wed, 18 Sep 2019 16:00:50 +0000

Results from the 2019 Marsh-Microsoft Global Cyber Risk Perception survey reveal several encouraging signs of improvement in the way organizations view and manage cyber risk.

The post Overview of the Marsh-Microsoft 2019 Global Cyber Risk Perception survey results appeared first on Microsoft Security.
