GALLIUM: Targeting global telecom

Credit to Author: Todd VanderArk| Date: Thu, 12 Dec 2019 17:00:10 +0000

Microsoft Threat Intelligence Center (MSTIC) is raising awareness of the ongoing activity by a group we call GALLIUM, targeting telecommunication providers.

The post GALLIUM: Targeting global telecom appeared first on Microsoft Security.


The quiet evolution of phishing

Credit to Author: Eric Avena| Date: Wed, 11 Dec 2019 17:00:56 +0000

In 2019, we saw phishing attacks reach new levels of creativity and sophistication. Read about the most notable phishing techniques we spotted in the past year.

The post The quiet evolution of phishing appeared first on Microsoft Security.


Insights from one year of tracking a polymorphic threat

Credit to Author: Eric Avena| Date: Tue, 26 Nov 2019 17:00:56 +0000

We discovered the polymorphic threat Dexphot in October 2018. In the months that followed, we closely tracked the threat as attackers upgraded the malware, targeted new processes, and worked around defensive measures. One year’s worth of intelligence helped us gain insight not only into the goals and motivations of Dexphot’s authors, but of cybercriminals in general.

The post Insights from one year of tracking a polymorphic threat appeared first on Microsoft Security.


Going in-depth on the Windows 10 random number generation infrastructure

Credit to Author: Eric Avena| Date: Mon, 25 Nov 2019 19:00:33 +0000

We are happy to release to the public The Windows 10 random number generation infrastructure white paper, which provides details about the Windows 10 pseudo-random number generator (PRNG) infrastructure, and lists the primary RNG APIs. The whitepaper also explains how the entropy system works, what the entropy sources are, and how initial seeding works.

The post Going in-depth on the Windows 10 random number generation infrastructure appeared first on Microsoft Security.


Rethinking cyber learning—consider gamification

Credit to Author: Todd VanderArk| Date: Mon, 25 Nov 2019 17:00:55 +0000

Gamified cybersecurity solutions offer immense promise by giving users practical, hands-on opportunities to learn by doing. Microsoft and Circadence are partnering to deliver Azure-hosted cyber range learning solutions for beginners up to advanced SecOps pros. Gamification is an increasingly important way for enterprises to attract tomorrow’s cyber pro talent and create tailored learning and more defined career paths and progression.

The post Rethinking cyber learning—consider gamification appeared first on Microsoft Security.


Microsoft works with researchers to detect and protect against new RDP exploits

Credit to Author: Eric Avena| Date: Thu, 07 Nov 2019 21:05:30 +0000

The new exploit attacks show that BlueKeep will be a threat as long as systems remain unpatched, credential hygiene is not achieved, and overall security posture is not kept in check.

The post Microsoft works with researchers to detect and protect against new RDP exploits appeared first on Microsoft Security.


Azure Sentinel updates: Improve your security operations with innovations from a cloud-native SIEM

Credit to Author: Todd VanderArk| Date: Tue, 05 Nov 2019 14:00:41 +0000

Learn about all the new features and enhancements introduced in Azure Sentinel, Microsoft’s cloud-native SIEM solution, during Ignite 2019.

The post Azure Sentinel updates: Improve your security operations with innovations from a cloud-native SIEM appeared first on Microsoft Security.


Experts on demand: Your direct line to Microsoft security insight, guidance, and expertise

Credit to Author: Eric Avena| Date: Mon, 28 Oct 2019 15:00:10 +0000

Experts on demand is now generally available and gives customers direct access to real-life Microsoft threat analysts to help with their security investigations.

The post Experts on demand: Your direct line to Microsoft security insight, guidance, and expertise appeared first on Microsoft Security.


Microsoft and partners design new device security requirements to protect against targeted firmware attacks

Credit to Author: Eric Avena| Date: Mon, 21 Oct 2019 15:00:56 +0000

We’ve been working with partners to design what we call Secured-core PCs, devices that meet a specific set of device requirements that apply the security best practices of isolation and minimal trust to the firmware layer.

The post Microsoft and partners design new device security requirements to protect against targeted firmware attacks appeared first on Microsoft Security.


Top 6 email security best practices to protect against phishing attacks and business email compromise

Credit to Author: Eric Avena| Date: Wed, 16 Oct 2019 17:00:11 +0000

What should IT and security teams be looking for in an email security solution to protect all their users, from frontline workers to the C-suite? Here are 6 tips to ensure your organization has a strong email security posture.

The post Top 6 email security best practices to protect against phishing attacks and business email compromise appeared first on Microsoft Security.
