As organizations increase their coverage of multifactor authentication (MFA), threat actors have begun to move to more sophisticated techniques to allow them to compromise corporate resources without needing to satisfy MFA. Recently, the Microsoft Detection and Response Team (DART) has seen an increase in attackers utilizing token theft[…]
Read More
The holiday season is an exciting time for many people as they get to relax, connect with friends and family, and celebrate traditions. Organizations also have much to rejoice about during the holidays (for example, more sales for retailers and more players for gaming companies). Unfortunately, cyber attackers[…]
Read More
The General Data Protection Regulation (GDPR) came into effect in 2018 and set a new standard for the level of control individuals in the European Union had on the personal data they shared online. Since then, the number of privacy regulations around the world has flourished and impacted[…]
Read More
At CyberWarCon 2022, Microsoft and LinkedIn analysts presented several sessions detailing analysis across multiple sets of actors and related activity. This blog is intended to summarize the content of the research covered in these presentations and demonstrates Microsoft Threat Intelligence Center’s (MSTIC) ongoing efforts to track threat actors,[…]
Read More
Microsoft Defender Experts for Hunting, our newest managed threat hunting service, delivered industry-leading results during the inaugural MITRE Engenuity ATT&CK® Evaluations for Managed Services. We provided a seamless, comprehensive, and rapid response to the simulated attack using expert-led threat hunting and an industry-leading extended detection and response (XDR)[…]
Read More
We are honored to announce that Microsoft has been named a Leader in the 2022 Gartner® Magic QuadrantTM for Access Management for Microsoft Azure Active Directory (Azure AD), part of Microsoft Entra. We thank our customers who guide our strategy and product innovation, engage with us deeply in[…]
Read More
Command-and-control (C2) servers are an essential part of ransomware, commodity, and nation-state attacks. They are used to control infected devices and perform malicious activities like downloading and launching payloads, controlling botnets, or commanding post-exploitation penetration frameworks to breach an organization as part of a ransomware attack. Blocking these[…]
Read MoreThe security community is continuously changing, growing, and learning from each other to better position the world against cyberthreats. In the latest post of our Community Voices blog series, Microsoft Security Senior Product Marketing Manager Brooke Lynn Weenig talks with Matthew Hickey, Co-founder, Chief Executive Officer (CEO), and hacker of Hacker House. The thoughts below[…]
Read More
Sixty-two percent of organizations that undertake mergers and acquisitions face significant cybersecurity risks or consider cyber risks their biggest concern post-acquisition.1 Threat actors that focus on corporate espionage often target the acquiring company, which we will refer to as the Parent, early in the bidding process to gain[…]
Read MoreThroughout Cybersecurity Awareness Month, Microsoft has highlighted the importance of cybersecurity and provided resources to help people and organizations stay safe. It’s great to have this month as a reminder, and even better if that awareness becomes a year-round endeavor. Education is really the key. With the increase[…]
Read More