Microsoft and AttackIQ are working together to automate testing using MITRE ATT&CK and a threat-informed defense. AttackIQ is a part of the Microsoft Intelligent Security Association.
The post Measure the effectiveness of your Microsoft security with AttackIQ appeared first on Microsoft Security Blog. READ MORE HERE…
A holistic approach to data protection can deliver better results across the organization. In this post, we share three steps that can get your organization closer.
The post Discover 3 ways to take a holistic approach to data protection appeared first on Microsoft Security Blog. READ MORE HERE…
We uncovered a large-scale, multi-phase campaign that adds a novel technique to traditional phishing tactics by joining an attacker-operated device to an organization’s network to further propagate the campaign.
The post Evolved phishing: Device registration trick adds to phishers’ toolbox for victims without MFA appeared first on Microsoft Security Blog. READ MORE HERE…
We asked security decision-makers about their top security concerns, topics they are most interested in, and investments for 2022.
The post How CISOs are preparing to tackle 2022 appeared first on Microsoft Security Blog. READ MORE HERE…
20 years ago this week, Bill Gates sent a now-famous email to all Microsoft employees announcing the creation of the Trustworthy Computing (TwC) initiative. The initiative was intended to put customer security, and ultimately customer trust, at the forefront for all Microsoft employees.
The post Celebrating 20 Years of Trustworthy Computing appeared first on Microsoft Security Blog. READ MORE HERE…
Heath Adams, Chief Executive Officer at TCM Security, offers practical advice on how to build a security team.
The post Build a stronger cybersecurity team through diversity and training appeared first on Microsoft Security Blog. READ MORE HERE…
At the end of last year, I heard from a long-time enterprise contact that had a major security concern. The company had installed three layers of security and just completed an audit. It showed that since thIey’d finished their installation they’d had five security incidents, and all of them had originated inside their security perimeter, bypassing most of their protection.Their question was what they did wrong and how they could fix it.What this company experienced is far from rare, and the source of their problems and the paths to correction are far from easy.We tend to think of security as a goal we can achieve with a simple toolkit. Not so. Security is the state you achieve by dealing with all likely threats, and every threat has to be addressed in its own unique way. Problems can come from hackers gaining access to an application or database from the outside, through things like stealing credentials or exploiting weak authentication.To read this article in full, please click here READ MORE HERE…
Microsoft Threat Intelligence Center (MSTIC) has identified evidence of a destructive malware operation targeting multiple organizations in Ukraine.
The post Destructive malware targeting Ukrainian organizations appeared first on Microsoft Security Blog. READ MORE HERE…
The last 18 months have put pressure on organizations to speed up their digital transformation as hybrid work continues to become the new normal. Yet even with all the change and uncertainty, having the right security support system in place means your organization can still move forward confidently to turn your vision into reality.
The post Learn about 4 approaches to comprehensive security that help leaders be fearless appeared first on Microsoft Security Blog. READ MORE HERE…
Total Economic Impact™ study conducted by Forrester Consulting and commissioned by Microsoft reveals cost savings and business benefits enabled by Zero Trust.
The post Microsoft Zero Trust solutions deliver 92 percent return on investment, says new Forrester study appeared first on Microsoft Security Blog. READ MORE HERE…