Investigating a unique “form” of email delivery for IcedID malware

Microsoft threat analysts have been tracking activity where contact forms published on websites are abused to deliver malicious links to enterprises using emails with fake legal threats. The emails instruct recipients to click a link to review supposed evidence behind the allegations, but the link instead leads to the download of IcedID, an info-stealing malware.
The post Investigating a unique “form” of email delivery for IcedID malware appeared first on Microsoft Security.

Gamifying machine learning for stronger security and AI models

We are open sourcing the Python source code of a research toolkit we call CyberBattleSim, an experimental research project that investigates how autonomous agents operate in a simulated enterprise environment using high-level abstraction of computer networks and cybersecurity concepts.
The post Gamifying machine learning for stronger security and AI models appeared first on Microsoft Security.

Microsoft Defender for Endpoint now supports Windows 10 on Arm devices

Today, we are excited to announce that Microsoft Defender for Endpoint support of Windows 10 on Arm devices is generally available. This expanded support is part of our continued efforts to extend Microsoft Defender for Endpoint capabilities across all the endpoints defenders need to secure.
The post Microsoft Defender for Endpoint now supports Windows 10 on Arm devices appeared first on Microsoft Security.

Protect your business from email phishing with multi-factor authentication

Cybersecurity has been in the news far more often in the past 12 months than in previous years, as cybercriminals escalated their activity during the COVID-19 pandemic lockdown.
The post Protect your business from email phishing with multi-factor authentication appeared first on Microsoft Security.

BlueVoyant optimizes customer security with Microsoft security services

Exponential growth in remote users and accelerated digital transformation involving migration of applications and data to the cloud have expanded organizations’ attack surface.
The post BlueVoyant optimizes customer security with Microsoft security services appeared first on Microsoft Security.

Automating threat actor tracking: Understanding attacker behavior for intelligence and contextual alerting

A probabilistic graphical modeling framework used by Microsoft 365 Defender research and intelligence teams for threat actor tracking enables us to quickly predict the likely threat group responsible for an attack, as well as the likely next attack stages.
The post Automating threat actor tracking: Understanding attacker behavior for intelligence and contextual alerting appeared first on Microsoft Security.

New Security Signals study shows firmware attacks on the rise; here’s how Microsoft is working to help eliminate this entire class of threats

The March 2021 Security Signals report showed that more than 80% of enterprises have experienced at least one firmware attack in the past two years, but only 29% of security budgets are allocated to protect firmware.
The post New Security Signals study shows firmware attacks on the rise; here’s how Microsoft is working to help eliminate this entire class of threats appeared first on Microsoft Security.