The rise in cryptocurrency market capitalization paved the way to the emergence of threats Microsoft security researchers are referring to as “cryware”—information stealers focused on gathering and exfiltrating data from non-custodial cryptocurrency wallets.
The post In hot pursuit of ‘cryware’: Defending hot wallets from attacks appeared first on Microsoft Security Blog. READ MORE HERE…
RSA 2022 is happening in person—find out about Microsoft-sponsored sessions, pre-day events, speakers, awards, and more.
The post Microsoft showcases the future of comprehensive security at RSA 2022 appeared first on Microsoft Security Blog. READ MORE HERE…
The Center for Threat-Informed Defense, along with Microsoft and industry partners, collaborated on a repeatable methodology and a web-based calculator, aiming to streamline MITRE ATT&CK® use for defenders.
The post Center for Threat-Informed Defense, Microsoft, and industry partners streamline MITRE ATT&CK® matrix evaluation for defenders appeared first on Microsoft Security Blog. READ MORE HERE…
A compromise recovery, in general, means that we are implementing several years of work in cybersecurity in only six weeks. It is intense, and it changes how administrators work and how systems break. The main goals are to take back control, keep that control, and add this mindset to the customer.
The post Microsoft security experts outline next steps after compromise recovery appeared first on Microsoft Security Blog. READ MORE HERE…
Data management specialist Cohesity is launching a new data isolation and recovery tool called FortKnox, in a bid to help customers protect their data from ransomware attacks.FortKnox provides an additional layer of off-site protection for customers by keeping data in a secure ‘vault,’ with physical separation, network and management isolation to keep threat actors from accessing sensitive data.An object lock requires a minimum of two or more people to approve critical actions, such as changes of vault policy, and access can be managed using granular role-based access control, multi-factor authentication, and encryption both in-flight and at rest.To read this article in full, please click here READ MORE HERE…
Technology alone is not enough to defend against cybercrime. It’s critical, but it’s the combination of leading technologies, comprehensive threat intelligence, and highly skilled people that makes for a truly effective security posture.
The post Building a safer world together with our partners—introducing Microsoft Security Experts appeared first on Microsoft Security Blog. READ MORE HERE…
Microsoft coined the term “human-operated ransomware” to clearly define a class of attack driven by expert humane intelligence at every step of the attack chain and culminate in intentional business disruption and extortion. In this blog, we explain the ransomware-as-a-service affiliate model and disambiguate between the attacker tools and the various threat actors at play during a security incident.
The post Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself appeared first on Microsoft Security Blog. READ MORE HERE…
Multiple vulnerabilities have been discovered in Cisco’s Enterprise NFV Infrastructure Software (NFVIS). The worst of the vulnerabilities could let an attacker escape from the guest virtual machine (VM) to the host machine, Cisco disclosed. The other two problems involve letting a bad actor inject commands that execute at the root level and allowing a remote attacker to leak system data from the host to the VM.NFVIS is Linux-based infrastructure software designed to help enterprises and service providers to deploy virtualized network functions, such as a virtual router, firewall and WAN acceleration, Cisco stated.To read this article in full, please click here READ MORE HERE…
Learn how Microsoft is helping to make your accounts more secure—without a password.
The post This World Password Day consider ditching passwords altogether appeared first on Microsoft Security Blog. READ MORE HERE…
Last month, software tools vendor Atlassian suffered a major network outage that lasted two weeks and affected more than 400 of their over 200,000 customers. The outage took down several of their products, including Jira, Confluence, Atlassian Access, Opsgenie, and Statuspage. While only a few customers were affected for the full two weeks, the outage was significant in terms of the depth of problems uncovered by the company’s engineers and the lengths they had to go to find and fix the problems.The outage was the result of a series of unfortunate internal errors by Atlassian’s own staff, and not the result of a cyberattack or malware. In the end, no customer lost more than a few minutes’ worth of data transactions, and the vast majority of customers didn’t see any downtime whatsoever.To read this article in full, please click here READ MORE HERE…