ThreatsHub.org
SECUDE has integrated their HALOCAD solution with Microsoft Information Protection SDK which extends the data protection beyond the organization’s IT perimeter.
The post How to protect your CAD data files with MIP and HALOCAD appeared first on Microsoft Security Blog. READ MORE HERE…
Rockwell Automation Vice President and Chief Information Security Officer Dawn Cappelli talks about assessing, measuring, and protecting against insider risk.
The post A guide to balancing external threats and insider risk appeared first on Microsoft Security Blog. READ MORE HERE…
LemonDuck, an actively updated and robust malware that’s primarily known for its botnet and cryptocurrency mining objectives, adopted more sophisticated behavior and escalated its operations. Today, beyond using resources for its traditional bot and mining activities, LemonDuck steals credentials, removes security controls, spreads via emails, moves laterally, and ultimately drops more tools for human-operated activity.
The post When coin miners evolve, Part 1: Exposing LemonDuck and LemonCat, modern mining malware infrastructure appeared first on Microsoft Security Blog. READ MORE HERE…
Today on the Official Microsoft Blog, Microsoft announced the acquisition of CloudKnox Security, a leader in Cloud Infrastructure Entitlement Management (CIEM). CloudKnox offers complete visibility into privileged access.
The post Microsoft acquires CloudKnox Security to offer unified privileged access and cloud entitlement management appeared first on Microsoft Security Blog. READ MORE HERE…
As containers become a major part of many organizations’ IT workloads, it becomes crucial to consider the unique security threats that target such environments when building security solutions. The first step in this process is understanding the relevant attack landscape.
The post The evolution of a matrix: How ATT&CK for Containers was built appeared first on Microsoft Security Blog. READ MORE HERE…
The Microsoft Threat Intelligence Center (MSTIC) alongside the Microsoft Security Response Center (MSRC) has uncovered a private-sector offensive actor, or PSOA, that we are calling SOURGUM in possession of now-patched, Windows 0-day exploits (CVE-2021-31979 and CVE-2021-33771).
The post Protecting customers from a private-sector offensive actor using 0-day exploits and DevilsTongue malware appeared first on Microsoft Security Blog. READ MORE HERE…
Microsoft threat analysts are tracking a continued increase in consent phishing emails, also called illicit consent grants, that abuse OAuth request links in an attempt to trick recipients into granting attacker-owned apps permissions to access sensitive data.
The post Microsoft delivers comprehensive solution to battle rise in consent phishing emails appeared first on Microsoft Security Blog. READ MORE HERE…
MISA extends product portfolio, adds sessions for Microsoft Inspire, and more.
The post MISA expands portfolio and looks ahead during Microsoft Inspire appeared first on Microsoft Security Blog. READ MORE HERE…
Our world is changing, and Microsoft Security is rising to the challenges of a new normal. Today, I want to share more about how we are empowering our partners to be successful in building trust with customers and enabling business growth.
The post How Microsoft Security empowers partners to build customer trust appeared first on Microsoft Security Blog. READ MORE HERE…
Microsoft has detected a 0-day remote code execution exploit being used to attack SolarWinds Serv-U FTP software in limited and targeted attacks. The Microsoft Threat Intelligence Center (MSTIC) attributes this campaign with high confidence to DEV-0322, a group operating out of China.
The post Microsoft discovers threat actor targeting SolarWinds Serv-U software with 0-day exploit appeared first on Microsoft Security Blog. READ MORE HERE…