Data science for cybersecurity: A probabilistic time series model for detecting RDP inbound brute force attacks

Credit to Author: Eric Avena| Date: Wed, 18 Dec 2019 18:00:24 +0000

Microsoft Defender ATP data scientists and threat hunters collaborate to use a data science-driven approach to detecting RDP brute force attacks to protect customers against real-world threats.

The post Data science for cybersecurity: A probabilistic time series model for detecting RDP inbound brute force attacks appeared first on Microsoft Security.

Read more

GALLIUM: Targeting global telecom

Credit to Author: Todd VanderArk| Date: Thu, 12 Dec 2019 17:00:10 +0000

Microsoft Threat Intelligence Center (MSTIC) is raising awareness of the ongoing activity by a group we call GALLIUM, targeting telecommunication providers.

The post GALLIUM: Targeting global telecom appeared first on Microsoft Security.

Read more

Improve cyber supply chain risk management with Microsoft Azure

Credit to Author: Todd VanderArk| Date: Mon, 09 Dec 2019 17:00:03 +0000

To keep government agencies secure in the cloud, we must keep pace and stay ahead of cyber attackers by defending the cyber supply chain with Microsoft Azure.

The post Improve cyber supply chain risk management with Microsoft Azure appeared first on Microsoft Security.

Read more

Spear phishing campaigns—they’re sharper than you think

Credit to Author: Todd VanderArk| Date: Mon, 02 Dec 2019 17:00:15 +0000

Spear phishing campaigns can be highly effective—but they aren’t foolproof. If you understand how they work, you can put measures in place to reduce their power.

The post Spear phishing campaigns—they’re sharper than you think appeared first on Microsoft Security.

Read more

Changing security incident response by utilizing the power of the cloud—DART tools, techniques, and procedures: part 1

Credit to Author: Todd VanderArk| Date: Thu, 14 Nov 2019 17:00:56 +0000

A series on DART’s tools, techniques, and procedures for investigating cybersecurity incidents at their customer organizations. Part 1 introduces the team and gives a brief overview of the tools that DART utilizes.

The post Changing security incident response by utilizing the power of the cloud—DART tools, techniques, and procedures: part 1 appeared first on Microsoft Security.

Read more

Gartner names Microsoft a Leader in the 2019 Cloud Access Security Broker (CASB) Magic Quadrant

Credit to Author: Todd VanderArk| Date: Tue, 29 Oct 2019 14:00:13 +0000

In Gartner’s third annual Magic Quadrant for Cloud Access Security Brokers (CASB), Microsoft was named a Leader based on its completeness of vision and ability to execute in the CASB market.

The post Gartner names Microsoft a Leader in the 2019 Cloud Access Security Broker (CASB) Magic Quadrant appeared first on Microsoft Security.

Read more

Forrester names Microsoft a Leader in 2019 Endpoint Security Suites Wave

Credit to Author: Eric Avena| Date: Tue, 01 Oct 2019 17:30:05 +0000

Microsoft is positioned as a leader in The Forrester Wave™: Endpoint Security Suites, Q3 2019, receiving among the second highest scores in both the strategy and market presence categories.

The post Forrester names Microsoft a Leader in 2019 Endpoint Security Suites Wave appeared first on Microsoft Security.

Read more

Bring your own LOLBin: Multi-stage, fileless Nodersok campaign delivers rare Node.js-based malware

Credit to Author: Eric Avena| Date: Thu, 26 Sep 2019 17:34:41 +0000

A new fileless malware campaign we dubbed Nodersok delivers two very unusual LOLBins to turn infected machines into zombie proxies.

The post Bring your own LOLBin: Multi-stage, fileless Nodersok campaign delivers rare Node.js-based malware appeared first on Microsoft Security.

Read more

Top 5 use cases to help you make the most of your Cloud Access Security Broker

Credit to Author: Todd VanderArk| Date: Wed, 25 Sep 2019 16:00:25 +0000

We explore five use cases for CASBs that give you an immediate return on your investment with very little deployment effort.

The post Top 5 use cases to help you make the most of your Cloud Access Security Broker appeared first on Microsoft Security.

Read more

Automated incident response in Office 365 ATP now generally available

Credit to Author: Todd VanderArk| Date: Mon, 09 Sep 2019 16:00:37 +0000

Powerful automation capabilities help improve the effectiveness and efficiency of investigating and responding to Office 365 alerts.

The post Automated incident response in Office 365 ATP now generally available appeared first on Microsoft Security.

Read more