SpringShell RCE vulnerability: Guidance for protecting against and detecting CVE-2022-22965

Credit to Author: Paul Oliveria | Date: Tue, 05 Apr 2022 01:11:24 +0000

Microsoft provides guidance for customers looking to protect against exploitation of the critical vulnerability CVE-2022-22965, also known as SpringShell or Spring4Shell, and to detect vulnerable installations on their network.

The post SpringShell RCE vulnerability: Guidance for protecting against and detecting CVE-2022-22965 appeared first on Microsoft Security Blog.


Microsoft protects against human-operated ransomware across the full attack chain in the 2022 MITRE Engenuity ATT&CK® Evaluations

Credit to Author: Paul Oliveria | Date: Thu, 31 Mar 2022 20:27:12 +0000

For the fourth year in a row, the independent MITRE Engenuity ATT&CK® Evaluations demonstrated that threats are no match for Microsoft’s multi-platform extended detection and response (XDR) defense capabilities.

The post Microsoft protects against human-operated ransomware across the full attack chain in the 2022 MITRE Engenuity ATT&CK® Evaluations appeared first on Microsoft Security Blog.


DEV-0537 criminal actor targeting organizations for data exfiltration and destruction

Credit to Author: Katie McCafferty | Date: Tue, 22 Mar 2022 22:02:50 +0000

The activity we have observed has been attributed to a threat group that Microsoft tracks as DEV-0537, also known as LAPSUS$. DEV-0537 is known for using a pure extortion and destruction model without deploying ransomware payloads.

The post DEV-0537 criminal actor targeting organizations for data exfiltration and destruction appeared first on Microsoft Security Blog.


Uncovering Trickbot’s use of IoT devices in command-and-control infrastructure

Credit to Author: Microsoft 365 Defender Threat Intelligence Team | Date: Wed, 16 Mar 2022 15:00:00 +0000

The Microsoft Defender for IoT research team has recently discovered the exact method through which MikroTik devices are used in Trickbot’s C2 infrastructure. In this blog, we share the analysis of this method and provide insights on how attackers gain access and how they use compromised IoT devices in Trickbot attacks.

The post Uncovering Trickbot’s use of IoT devices in command-and-control infrastructure appeared first on Microsoft Security Blog.


MSTICPy January 2022 hackathon highlights

Credit to Author: Microsoft 365 Defender Threat Intelligence Team | Date: Fri, 25 Feb 2022 17:00:00 +0000

In January 2022, MSTIC ran its inaugural hack month for the open-source Jupyter and Python Security Tools library, MSTICPy. This blog highlights some of the contributions.

The post MSTICPy January 2022 hackathon highlights appeared first on Microsoft Security Blog.


Microsoft Security delivers new multicloud capabilities

Credit to Author: Pooja Parab | Date: Wed, 23 Feb 2022 14:00:00 +0000

In times of great change, challenges and opportunities can be found in many directions. Today, we’re announcing new advances to help customers strengthen visibility and control across multiple cloud providers, workloads, devices, and digital identities—all from a centralized management view.

The post Microsoft Security delivers new multicloud capabilities appeared first on Microsoft Security Blog.


‘Ice phishing’ on the blockchain

Credit to Author: Microsoft 365 Defender Threat Intelligence Team | Date: Wed, 16 Feb 2022 17:00:00 +0000

Our recent analysis of a phishing attack connected to the blockchain reaffirms the durability of threats like social engineering, as well as the need for security fundamentals to be built into related future systems and frameworks.

The post ‘Ice phishing’ on the blockchain appeared first on Microsoft Security Blog.


What’s Next in Security from Microsoft

Credit to Author: Pooja Parab | Date: Thu, 10 Feb 2022 17:00:00 +0000

On February 24, 2022, at the What’s Next in Security from Microsoft digital event, you’ll learn how a comprehensive approach to security will give you the confidence to take appropriate business risks that move your company forward. At this event, Vasu Jakkal, Microsoft Corporate Vice President of Security, Compliance, and Identity, and other security experts will share exciting new innovations that help reduce the risk from the latest threats.

The post What’s Next in Security from Microsoft appeared first on Microsoft Security Blog.


ACTINIUM targets Ukrainian organizations

Credit to Author: Microsoft 365 Defender Threat Intelligence Team | Date: Fri, 04 Feb 2022 18:00:00 +0000

The Microsoft Threat Intelligence Center (MSTIC) is sharing information on a threat group named ACTINIUM, which has been operational for almost a decade and has consistently pursued access to organizations in Ukraine or entities related to Ukrainian affairs. MSTIC previously tracked ACTINIUM activity as DEV-0157, and this group is also referred to publicly as Gamaredon.…

The post ACTINIUM targets Ukrainian organizations appeared first on Microsoft Security Blog.


Cyber Signals: Defending against cyber threats with the latest research, insights, and trends

Credit to Author: Emma Jones | Date: Thu, 03 Feb 2022 14:00:00 +0000

We’re excited to introduce Cyber Signals, a cyber threat intelligence brief informed by the latest Microsoft threat data and research. This content, which will be released quarterly, offers an expert perspective into the current threat landscape, discussing trending tactics, techniques, and strategies used by the world’s most prolific threat actors.

The post Cyber Signals: Defending against cyber threats with the latest research, insights, and trends appeared first on Microsoft Security Blog.
