In the final post of a four-part series on the NOBELIUM nation-state attack, we explore key findings from the after-action report on the attack.
The post The final report on NOBELIUM’s unprecedented nation-state attack appeared first on Microsoft Security Blog. READ MORE HERE…
Cellebrite Senior Director of Digital Intelligence Heather Mahalik offers an inside look at mobile forensics and shares how to think about the function in your organization.
The post Your guide to mobile digital forensics appeared first on Microsoft Security Blog. READ MORE HERE…
Get technical information about attacks that Microsoft has observed taking advantage of CVE-2021-44228, a remote code execution (RCE) vulnerability in Apache Log4j 2 referred to as “Log4Shell”, and guidance for detecting and investigating attacks.
The post Guidance for preventing, detecting, and hunting for CVE-2021-44228 Log4j 2 exploitation appeared first on Microsoft Security Blog. READ MORE HERE…
Today, we are releasing an AI security risk assessment framework as a step to empower organizations to reliably audit, track, and improve the security of the AI systems. In addition, we are providing new updates to Counterfit, our open-source tool to simplify assessing the security posture of AI systems.
The post Best practices for AI security risk management appeared first on Microsoft Security Blog. READ MORE HERE…
Multiple Qakbot campaigns that are active at any given time prove that the decade-old malware continues to be many attackers’ tool of choice, a customizable chameleon that adapts to suit the needs of the multiple threat actor groups that utilize it. Since emerging in 2007 as a banking Trojan, Qakbot has evolved into a multi-purpose…
The post A closer look at Qakbot’s latest building blocks (and how to knock them down) appeared first on Microsoft Security Blog. READ MORE HERE…
This year the need for much improved IoT and OT cybersecurity has become even more clear with the recent and now famous attacks. To better understand the challenges customers are facing, Microsoft partnered with the Ponemon Institute to produce empirical data to help us better understand the state of IoT and OT security from a customer’s perspective.
The post New research shows IoT and OT innovation is critical to business but comes with significant risks appeared first on Microsoft Security Blog. READ MORE HERE…
Windows 10 and Windows 11 have continued to raise the security bar for drivers running in the kernel. Kernel-mode driver publishers must pass the hardware lab kit (HLK) compatibility tests, malware scanning, and prove their identity through extended validation (EV) certificates.
The post Improve kernel security with the new Microsoft Vulnerable and Malicious Driver Reporting Center appeared first on Microsoft Security Blog. READ MORE HERE…
With cyberattacks continuing to rise, the need for secure computing has never been more important. Customers care about the protection of their data and workloads, and platform security can be an important tool in a comprehensive defense-in-depth strategy.
The post New Secured-core servers are now available from the Microsoft ecosystem to help secure your infrastructure appeared first on Microsoft Security Blog. READ MORE HERE…
China-based threat actor NICKEL has been targeting governments, diplomatic entities, and non-governmental organizations (NGOs) across Central and South America, the Caribbean, and Europe. Today, Microsoft announced the successful seizure of a set of NICKEL-operated websites and disruption of ongoing attacks.
The post NICKEL targeting government organizations across Latin America and Europe appeared first on Microsoft Security Blog. READ MORE HERE…
Our approach to threat hunting is designed to evaluate impact and escalate potential threats for investigation, based on how damaging the potential threat would be. It is also designed for speed: due to the highly time-sensitive nature of the threat response, the most dangerous potential threats are analyzed first.
The post Structured threat hunting: One way Microsoft Threat Experts prioritizes customer defense appeared first on Microsoft Security Blog. READ MORE HERE…