Cybersecurity Archives - ThreatsHub Cybersecurity News

Microsoft works with healthcare organizations to protect from popular ransomware during COVID-19 crisis: Here’s what to do

April 1, 2020 TH Author coronavirus-themed threats, covid-19, Cybersecurity, Endpoint security, gateway, Healthcare, human-operated ransomware, Microsoft Defender Advanced Threat Protection, Microsoft security intelligence, ransomware, remote work, REvil, Secure remote work, Securing remote workers series, Security Intelligence, Sodinokibi, Threat protection, virtual private network (VPN), virtual private server (VPS), VPN

Microsoft identified several dozens of hospitals with vulnerable gateway and VPN appliances. We sent these hospitals a first-of-its-kind notification with important info about the vulnerabilities, how attackers can take advantage of them, and a strong recommendation to apply security updates.
The post Microsoft works with healthcare organizations to protect from popular ransomware during COVID-19 crisis: Here’s what to do appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

Welcoming a more diverse workforce into cybersecurity: expanding the pipeline

March 31, 2020 TH Author CISO series, Ciso series page, Cybersecurity

If you don’t have enough diversity on your cybersecurity team, it may be because you aren’t looking in the right places.
The post Welcoming a more diverse workforce into cybersecurity: expanding the pipeline appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

Welcoming and retaining diversity in cybersecurity

March 24, 2020 TH Author CISO series, Ciso series page, Cybersecurity

Do you have the right practices in place to retain and grow the cybersecurity women who already work at your company?
The post Welcoming and retaining diversity in cybersecurity appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

Latest Astaroth living-off-the-land attacks are even more invisible but not less observable

March 23, 2020 TH Author Alternate Data Streams (ADS), Astaroth, behavioral blocking and containment, Cybersecurity, Endpoint security, fileless, info-stealing malware, living-off-the-land, Microsoft Defender Advanced Threat Protection, Microsoft security intelligence, ransomware, Security Intelligence, Threat protection, WMIC

Astaroth is back sporting significant changes. The updated attack chain maintains Astaroth’s complex, multi-component nature and continues its pattern of detection evasion.
The post Latest Astaroth living-off-the-land attacks are even more invisible but not less observable appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

Welcoming more women into cybersecurity: the power of mentorships

March 19, 2020 TH Author AI and machine learning, CISO series, Ciso series page, Cybersecurity, Security Intelligence

I’ve long been a proponent to challenging traditional schools of thought—traditional cyber-norms—and encouraging our industry to get outside its comfort zones.
The post Welcoming more women into cybersecurity: the power of mentorships appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

Secured-core PCs: A brief showcase of chip-to-cloud security against kernel attacks

March 17, 2020 TH Author chip to cloud security, CVE-2018-19320, Cybersecurity, hypervisor-protected code integrity (HVCI), kernel attacks, Microsoft Defender ATP, ransomware, RobbinHood, Secured-core PCs, virtualization-based security (VBS), Windows Defender System Guard

Secured-core PCs combine virtualization, operating system, and hardware and firmware protection. Along with Microsoft Defender ATP, Secured-core PCs provide end-to-end protection against advanced attacks that leverage driver vulnerabilities to gain kernel privileges.
The post Secured-core PCs: A brief showcase of chip-to-cloud security against kernel attacks appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

Behavioral blocking and containment: Transforming optics into protection

March 9, 2020 TH Author behavioral blocking and containment, Cybersecurity, endpoint detection and response (EDR), endpoint protection platform (EPP), Endpoint security, Juicy Potato, Microsoft Defender Advanced Threat Protection, Microsoft Defender ATP, Microsoft security intelligence, Microsoft Threat Protection, next generation protection, QRat, Security Intelligence, Threat protection

Behavioral blocking and containment capabilities leverage multiple Microsoft Defender ATP components and features to immediately stop attacks before they can progress. We have expanded these capabilities to get even broader visibility into malicious behavior by using a rapid protection loop engine that leverages endpoint and detection response (EDR) sensors.
The post Behavioral blocking and containment: Transforming optics into protection appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

Human-operated ransomware attacks: A preventable disaster

March 5, 2020 TH Author Cybersecurity, Doppelpaymer, Dridex, Endpoint security, hands-on-keyboard, human-operated attacks, Microsoft 365, Microsoft Defender Advanced Threat Protection, Microsoft security intelligence, PARINACOTA, ransomware, ryuk, Secure Score, Security deployment, Threat protection, TrickBot, Wadhrama

In human-operated ransomware attacks, adversaries exhibit extensive knowledge of systems administration and common network security misconfigurations, perform thorough reconnaissance, and adapt to what they discover in a compromised network.
The post Human-operated ransomware attacks: A preventable disaster appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

IT executives prioritize Multi-Factor Authentication in 2020

March 5, 2020 TH Author Cybersecurity

We asked IT executives how they are approaching MFA in 2020. Most are expanding their MFA deployments or making other investments to better secure their identities.
The post IT executives prioritize Multi-Factor Authentication in 2020 appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

Quick wins—single sign-on (SSO) and Multi-Factor Authentication (MFA)

March 3, 2020 TH Author Cybersecurity

Organizations should consider a Cloud Identity as a Service (IDaaS), and MFA solution, like Azure Active Directory (Azure AD) for effective countermeasures against modern threats.
The post Quick wins—single sign-on (SSO) and Multi-Factor Authentication (MFA) appeared first on Microsoft Security. READ MORE HERE…

← Previous