Banco Santander Global Head of Security Research Daniel Cuthbert talks with Microsoft about how to use application security testing and testing standards to increase application security.
The post Practical tips on how to use application security testing and testing standards appeared first on Microsoft Security Blog. READ MORE HERE…
As the world has changed over the past 18-months, companies have been wrestling with ways to keep employees and data protected as they support new ways of hybrid working. We built Windows 11 to be the most secure Windows yet with built-in chip to cloud protection that ensures company assets stay secure no matter where work happens.
The post Windows 11 offers chip to cloud protection to meet the new security challenges of hybrid work appeared first on Microsoft Security Blog. READ MORE HERE…
It’s Cybersecurity Awareness Month. See how you can #BeCyberSmart and help others in your organization be safe.
The post #BeCyberSmart: When we learn together, we’re more secure together appeared first on Microsoft Security Blog. READ MORE HERE…
The risks now outweigh the benefits for organizations using passwords as a security mechanism. In this post, we share the top resources to help you move forward on your passwordless journey.
The post 3 key resources to accelerate your passwordless journey appeared first on Microsoft Security Blog. READ MORE HERE…
Zero-day security vulnerabilities are like gold to attackers. With zero-days, or even zero-hours, developers have no time to patch the code, giving hackers enough access and time to explore and map internal networks, exfiltrate valuable data, and find other attack vectors.
The post Defend against zero-day exploits with Microsoft Defender Application Guard appeared first on Microsoft Security Blog. READ MORE HERE…
In the first of a four-part series on the NOBELIUM nation-state attack, we describe the attack and explain why enterprises should be cautious.
The post How nation-state attackers like NOBELIUM are changing cybersecurity appeared first on Microsoft Security Blog. READ MORE HERE…
Today, I’m excited to share the general availability of Microsoft Azure Purview, giving organizations that holistic understanding of their data that is so critically important. Azure Purview addresses the need for full visibility across all the places where your data lives, making it easier to manage, glean insights, and govern.
The post A simpler, more integrated approach to data governance appeared first on Microsoft Security Blog. READ MORE HERE…
In-depth analysis of newly detected NOBELIUM malware: a post-exploitation backdoor that Microsoft Threat Intelligence Center (MSTIC) refers to as FoggyWeb. NOBELIUM uses FoggyWeb to remotely exfiltrate the configuration database of compromised AD FS servers, decrypted token-signing certificate, and token-decryption certificate, as well as to download and execute additional components.
The post FoggyWeb: Targeted NOBELIUM malware leads to persistent backdoor appeared first on Microsoft Security Blog. READ MORE HERE…
In this post, we will tackle the risks of human-operated ransomware and detail DART’s security recommendations for tactical containment actions and post-incident activities in the event of an attack.
The post A guide to combatting human-operated ransomware: Part 2 appeared first on Microsoft Security Blog. READ MORE HERE…
In the face of increasingly advanced threats, complex multi-cloud environments, and an evolving trust fabric, identity is emerging as a critical player to deliver the next generation of security, governance, and privacy services.
The post 3 trends shaping identity as the center of modern security appeared first on Microsoft Security Blog. READ MORE HERE…