Microsoft threat analysts are tracking a continued increase in consent phishing emails, also called illicit consent grants, that abuse OAuth request links in an attempt to trick recipients into granting attacker-owned apps permissions to access sensitive data.
The post Microsoft delivers comprehensive solution to battle rise in consent phishing emails appeared first on Microsoft Security Blog. READ MORE HERE…
MISA extends product portfolio, adds sessions for Microsoft Inspire, and more.
The post MISA expands portfolio and looks ahead during Microsoft Inspire appeared first on Microsoft Security Blog. READ MORE HERE…
Our world is changing, and Microsoft Security is rising to the challenges of a new normal. Today, I want to share more about how we are empowering our partners to be successful in building trust with customers and enabling business growth.
The post How Microsoft Security empowers partners to build customer trust appeared first on Microsoft Security Blog. READ MORE HERE…
Microsoft has detected a 0-day remote code execution exploit being used to attack SolarWinds Serv-U FTP software in limited and targeted attacks. The Microsoft Threat Intelligence Center (MSTIC) attributes this campaign with high confidence to DEV-0322, a group operating out of China.
The post Microsoft discovers threat actor targeting SolarWinds Serv-U software with 0-day exploit appeared first on Microsoft Security Blog. READ MORE HERE…
Microsoft is announcing that we have entered into a definitive agreement to acquire RiskIQ, a leader in global threat intelligence and attack surface management, to help our shared customers build a more comprehensive view of the global threats to their businesses, better understand vulnerable internet-facing assets, and build world-class threat intelligence.
The post Microsoft to acquire RiskIQ to strengthen cybersecurity of digital transformation and hybrid work appeared first on Microsoft Security Blog. READ MORE HERE…
We’re excited to announce that in its first year of inclusion in the Magic Quadrant report, Microsoft Azure Sentinel has been named a Visionary, where we were recognized for our completeness of vision for SIEM.
The post Microsoft named a Visionary in the 2021 Gartner Magic Quadrant for SIEM for Azure Sentinel appeared first on Microsoft Security Blog. READ MORE HERE…
If your computing environment is subject to a large ransomware attack, you will most certainly be enacting your disaster recovery (DR) plan. But before you begin restoring systems, you must first ensure you have stopped the infection, identified it, and removed it. Jumping too quickly to the restore phase could actually make things worse. To understand why this is the case, it’s important to understand how ransomware works.How ransomware spreads in your environment
There are many articles such as this one that describe what ransomware does, but it’s important to emphasize that the goal of ransomware is rarely to infect just one system. Modern ransomware variants will immediately attempt to identify and execute various operating system vulnerabilities to gain administrative access and spread to the rest of your LAN. The attack will be coordinated via command-and-control (C&C) servers, and contacting these servers for instructions is the first thing that every ransomware variant does. They key in responding to an active ransomware attack is stopping further communications with C&C servers, as well as further communications between infected systems and the rest of your network.To read this article in full, please click here READ MORE HERE…
Asana Privacy Counsel Whitney Merrill, an expert on privacy legal issues, talks with Microsoft about best practices for building a privacy program.
The post How to build a privacy program the right way appeared first on Microsoft Security Blog. READ MORE HERE…
Designing with accessibility in mind greatly expands the impact of Microsoft solutions. However, the impact of accessible design is even bigger than that. When we design for accessibility, everyone benefits.
The post Accessibility and usability for all in Azure Sentinel appeared first on Microsoft Security Blog. READ MORE HERE…
If your enterprise has a website (and one certainly would hope so in 2021!), it also has subdomains. These prefixes of your organization’s main domain name are essential for putting structural order to the content and services on your website, thus preventing online visitors from instantly fleeing in terror, disdain, or confusion.Large enterprises can have thousands of subdomains. IBM, for example, has roughly 60,000 subdomains, while Walmart.com has “only” 2,132 subdomains.What is DNS and how it works
Whatever value subdomains bring to enterprises–and they bring plenty–they present more targets for bad actors. Why, just last year the subdomains of Chevron, 3M, Warner Brothers, Honeywell, and many other large organizations were hijacked by hackers who redirected visitors to sites featuring porn, malware, online gambling, and other activities of questionable propriety.To read this article in full, please click here READ MORE HERE…