Total Economic Impact™ study conducted by Forrester Consulting and commissioned by Microsoft reveals cost savings and business benefits enabled by Zero Trust.
The post Microsoft Zero Trust solutions deliver 92 percent return on investment, says new Forrester study appeared first on Microsoft Security Blog. READ MORE HERE…
Get expert advice on how to bridge gaps between your SOC and NOC and enable Zero Trust security in today’s rapidly evolving threat landscape.
The post Align your security and network teams to Zero Trust security demands appeared first on Microsoft Security Blog. READ MORE HERE…
A new macOS vulnerability, “powerdir,” could allow an attacker to bypass the operating system’s TCC technology and gain unauthorized access to a user’s protected data. We shared our findings with Apple through Coordinated Vulnerability Disclosure (CVD) and Apple released a fix.
The post New macOS vulnerability, “powerdir,” could lead to unauthorized user data access appeared first on Microsoft Security Blog. READ MORE HERE…
Taurus SA Co-founder and Chief Security Officer Jean-Philippe “JP” Aumasson shares how the discipline of cryptography will impact cybersecurity strategy.
The post What you need to know about how cryptography impacts your security strategy appeared first on Microsoft Security Blog. READ MORE HERE…
In the final post of a four-part series on the NOBELIUM nation-state attack, we explore key findings from the after-action report on the attack.
The post The final report on NOBELIUM’s unprecedented nation-state attack appeared first on Microsoft Security Blog. READ MORE HERE…
Cellebrite Senior Director of Digital Intelligence Heather Mahalik offers an inside look at mobile forensics and shares how to think about the function in your organization.
The post Your guide to mobile digital forensics appeared first on Microsoft Security Blog. READ MORE HERE…
Get technical information about attacks that Microsoft has observed taking advantage of CVE-2021-44228, a remote code execution (RCE) vulnerability in Apache Log4j 2 referred to as “Log4Shell”, and guidance for detecting and investigating attacks.
The post Guidance for preventing, detecting, and hunting for CVE-2021-44228 Log4j 2 exploitation appeared first on Microsoft Security Blog. READ MORE HERE…
Today, we are releasing an AI security risk assessment framework as a step to empower organizations to reliably audit, track, and improve the security of the AI systems. In addition, we are providing new updates to Counterfit, our open-source tool to simplify assessing the security posture of AI systems.
The post Best practices for AI security risk management appeared first on Microsoft Security Blog. READ MORE HERE…
Multiple Qakbot campaigns that are active at any given time prove that the decade-old malware continues to be many attackers’ tool of choice, a customizable chameleon that adapts to suit the needs of the multiple threat actor groups that utilize it. Since emerging in 2007 as a banking Trojan, Qakbot has evolved into a multi-purpose…
The post A closer look at Qakbot’s latest building blocks (and how to knock them down) appeared first on Microsoft Security Blog. READ MORE HERE…
This year the need for much improved IoT and OT cybersecurity has become even more clear with the recent and now famous attacks. To better understand the challenges customers are facing, Microsoft partnered with the Ponemon Institute to produce empirical data to help us better understand the state of IoT and OT security from a customer’s perspective.
The post New research shows IoT and OT innovation is critical to business but comes with significant risks appeared first on Microsoft Security Blog. READ MORE HERE…