Monday, July 21, 2025
Latest:

Microsoft Secure

Microsoft Secure
TH Author

Microsoft finds new elevation of privilege Linux vulnerability, Nimbuspwn

Microsoft has discovered several vulnerabilities, collectively referred to as Nimbuspwn, that could be chained together, allowing an attacker to elevate privileges to root on many Linux desktop endpoints. Leveraging Nimbuspwn as a vector for root access could allow attackers to achieve greater impact on vulnerable devices by deploying payloads and performing other malicious actions via arbitrary root code execution.
The post Microsoft finds new elevation of privilege Linux vulnerability, Nimbuspwn appeared first on Microsoft Security Blog. READ MORE HERE…

Read More
Microsoft Secure
TH Author

Microsoft best practices for managing IoT security concerns

The Internet of Things, or IoT, has expanded beyond the mere concept that it was when first introduced. IoT is now part of most individuals’ daily activities, from smart speakers and thermostats to smartwatches and vehicles. IoT devices and systems bring massive convenience and functionality. However, due to the complicated nature of IoT, when implementing and managing IoT, security must be top of mind.
The post Microsoft best practices for managing IoT security concerns appeared first on Microsoft Security Blog. READ MORE HERE…

Read More
Microsoft Secure
TH Author

The future of compliance and data governance is here: Introducing Microsoft Purview

Hybrid work has connected us in ways unimaginable just two years ago. Today we routinely communicate across continents while collaborating in real-time. Protecting a decentralized hybrid work environment requires strong solutions built around clear principles designed to defend customers’ data, safeguard employees, and protect the business.
The post The future of compliance and data governance is here: Introducing Microsoft Purview appeared first on Microsoft Security Blog. READ MORE HERE…

Read More
Microsoft Secure
TH Author

A clearer lens on Zero Trust security strategy: Part 1

Today’s world is flooded with definitions and perspectives on Zero Trust, so we are kicking off a blog series to bring clarity to what Zero Trust is and means. This first blog will draw on the past, present, and future to bring a clear vision while keeping our feet planted firmly on the ground of reality.
The post A clearer lens on Zero Trust security strategy: Part 1 appeared first on Microsoft Security Blog. READ MORE HERE…

Read More
Microsoft Secure
TH Author

Dismantling ZLoader: How malicious ads led to disabled security tools and ransomware

Microsoft took action against the ZLoader trojan by working with telecommunications providers around the world to disrupt key ZLoader infrastructure. In this blog, we detail the various characteristics for identifying ZLoader activity, including its associated tactics, recent campaigns, and affiliated payloads, such as ransomware.
The post Dismantling ZLoader: How malicious ads led to disabled security tools and ransomware appeared first on Microsoft Security Blog. READ MORE HERE…

Read More
Microsoft Secure
TH Author

Tarrask malware uses scheduled tasks for defense evasion

Microsoft Detection and Response Team (DART) researchers have uncovered malware that creates “hidden” scheduled tasks as a defense evasion technique. In this post, we will demonstrate how threat actors create scheduled tasks, how they cover their tracks, and how the malware’s evasion techniques are used to maintain and ensure persistence on systems.
The post Tarrask malware uses scheduled tasks for defense evasion appeared first on Microsoft Security Blog. READ MORE HERE…

Read More