Tuesday, July 8, 2025
Latest:

Cybersecurity

Microsoft Secure
TH Author

Microsoft finds new elevation of privilege Linux vulnerability, Nimbuspwn

Microsoft has discovered several vulnerabilities, collectively referred to as Nimbuspwn, that could be chained together, allowing an attacker to elevate privileges to root on many Linux desktop endpoints. Leveraging Nimbuspwn as a vector for root access could allow attackers to achieve greater impact on vulnerable devices by deploying payloads and performing other malicious actions via arbitrary root code execution.
The post Microsoft finds new elevation of privilege Linux vulnerability, Nimbuspwn appeared first on Microsoft Security Blog. READ MORE HERE…

Read More
Microsoft Secure
TH Author

Microsoft best practices for managing IoT security concerns

The Internet of Things, or IoT, has expanded beyond the mere concept that it was when first introduced. IoT is now part of most individuals’ daily activities, from smart speakers and thermostats to smartwatches and vehicles. IoT devices and systems bring massive convenience and functionality. However, due to the complicated nature of IoT, when implementing and managing IoT, security must be top of mind.
The post Microsoft best practices for managing IoT security concerns appeared first on Microsoft Security Blog. READ MORE HERE…

Read More
Microsoft Secure
TH Author

The future of compliance and data governance is here: Introducing Microsoft Purview

Hybrid work has connected us in ways unimaginable just two years ago. Today we routinely communicate across continents while collaborating in real-time. Protecting a decentralized hybrid work environment requires strong solutions built around clear principles designed to defend customers’ data, safeguard employees, and protect the business.
The post The future of compliance and data governance is here: Introducing Microsoft Purview appeared first on Microsoft Security Blog. READ MORE HERE…

Read More
Microsoft Secure
TH Author

A clearer lens on Zero Trust security strategy: Part 1

Today’s world is flooded with definitions and perspectives on Zero Trust, so we are kicking off a blog series to bring clarity to what Zero Trust is and means. This first blog will draw on the past, present, and future to bring a clear vision while keeping our feet planted firmly on the ground of reality.
The post A clearer lens on Zero Trust security strategy: Part 1 appeared first on Microsoft Security Blog. READ MORE HERE…

Read More
Microsoft Secure
TH Author

Dismantling ZLoader: How malicious ads led to disabled security tools and ransomware

Microsoft took action against the ZLoader trojan by working with telecommunications providers around the world to disrupt key ZLoader infrastructure. In this blog, we detail the various characteristics for identifying ZLoader activity, including its associated tactics, recent campaigns, and affiliated payloads, such as ransomware.
The post Dismantling ZLoader: How malicious ads led to disabled security tools and ransomware appeared first on Microsoft Security Blog. READ MORE HERE…

Read More
Microsoft Secure
TH Author

Tarrask malware uses scheduled tasks for defense evasion

Microsoft Detection and Response Team (DART) researchers have uncovered malware that creates “hidden” scheduled tasks as a defense evasion technique. In this post, we will demonstrate how threat actors create scheduled tasks, how they cover their tracks, and how the malware’s evasion techniques are used to maintain and ensure persistence on systems.
The post Tarrask malware uses scheduled tasks for defense evasion appeared first on Microsoft Security Blog. READ MORE HERE…

Read More
Microsoft Secure
TH Author

Learn the latest cybersecurity techniques at the Microsoft Security Summit

On May 12, 2022, at the Microsoft Security Summit digital event, join other cybersecurity professionals in exploring how a comprehensive approach to security can empower organizations to innovate fearlessly—even in the face of evolving cyberthreats.
The post Learn the latest cybersecurity techniques at the Microsoft Security Summit appeared first on Microsoft Security Blog. READ MORE HERE…

Read More
Microsoft Secure
TH Author

Microsoft 365 Defender demonstrates industry-leading protection in the 2022 MITRE Engenuity ATT&CK® Evaluations

For the fourth consecutive year, Microsoft 365 Defender demonstrated industry-leading protection in MITRE Engenuity’s independent ATT&CK® Enterprise Evaluations. These results highlighted the importance of taking an XDR-based approach spanning endpoints, identities, email and cloud, and the importance of both prevention and protection.
The post Microsoft 365 Defender demonstrates industry-leading protection in the 2022 MITRE Engenuity ATT&CK® Evaluations appeared first on Microsoft Security Blog. READ MORE HERE…

Read More