Many organizations utilize third-party apps for identity security solutions to automate and unburden overtaxed IT admins from tedious tasks that employees can perform via self-service without IT assistance. But in September 2021, our researchers observed threat actors exploiting one such third-party app at several US-based entities. The vulnerability[…]
Read MoreThis post is coauthored by Rob May, Founder and Managing Director, ramsac The security community is continuously changing, growing, and learning from each other to better position the world against cyberthreats. In the latest post of our Community Voices blog series, Microsoft Security Senior Product Marketing Manager Brooke Lynn Weenig talks with ramsac Founder and Managing Director Rob May, who gave[…]
Read More
Closing the cybersecurity talent gap is not something we can achieve alone; it requires a collective effort from the entire industry and focus on enabling cybersecurity awareness and education for all. This realization hit home for us during our recent participation in the National Initiative for Cybersecurity Education[…]
Read More
The chief information security officer (CISO) agenda has a new set of priorities. Hybrid work and the resultant architecture updates, so prevalent at the beginning of the pandemic, are no longer top of mind. Instead, the thinking is focused on tackling ever more sophisticated threats and integrating Zero[…]
Read More
Cryptojacking, the illicit use of computing resources to mine cryptocurrency, has become increasingly prevalent in recent years, with attackers building a cybercriminal economy around attack tools, infrastructure, and services to generate revenue from targeting a wide range of vulnerable systems, including Internet of Things (IoT) devices. Microsoft researchers[…]
Read More
Multicloud strategies have become the new norm for most enterprises, with more than 90 percent of organizations adopting multiple cloud infrastructures, platforms, and services to run their businesses.1 However, a lack of visibility into their digital infrastructure exposes them to significant risks. As a customer, you may run[…]
Read More
As Russia’s invasion of Ukraine continues into its second year and Microsoft continues to collaborate with global partners in response, the exposure of destructive cyber capabilities and information operations provide greater clarity into the tools and techniques used by Russian state-sponsored threat actors. Throughout the conflict, Russian threat[…]
Read MoreThe post Public preview: Improve Win32 app security via app isolation appeared first on Microsoft Security Blog. Source: Microsoft Security
Read More
Cloud development challenges conventional thinking about risk. A “perimeter” was always the abstraction that security teams could start from—defining their perimeter and exposing the cracks in firewalls and network access. With more and more infrastructure represented as ephemeral code, protecting your perimeter is no longer a matter of[…]
Read More
In today’s rapidly evolving connected workplace, where hybrid and remote work are increasingly the norm, workplace productivity and communications tools like email and chat applications are more important than ever. However, cyberthreats continue to evolve with increasing capabilities and sophistication, so protecting sensitive information has never been more[…]
Read More