Cybersecurity Archives | Page 31 of 75 | ThreatsHub Cybersecurity News

In-depth analysis of newly detected NOBELIUM malware: a post-exploitation backdoor that Microsoft Threat Intelligence Center (MSTIC) refers to as FoggyWeb. NOBELIUM uses FoggyWeb to remotely exfiltrate the configuration database of compromised AD FS servers, decrypted token-signing certificate, and token-decryption certificate, as well as to download and execute additional components.
The post FoggyWeb: Targeted NOBELIUM malware leads to persistent backdoor appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

September 27, 2021 TH Author

A guide to combatting human-operated ransomware: Part 2

In this post, we will tackle the risks of human-operated ransomware and detail DART’s security recommendations for tactical containment actions and post-incident activities in the event of an attack.
The post A guide to combatting human-operated ransomware: Part 2 appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

September 21, 2021 TH Author

3 trends shaping identity as the center of modern security

In the face of increasingly advanced threats, complex multi-cloud environments, and an evolving trust fabric, identity is emerging as a critical player to deliver the next generation of security, governance, and privacy services.
The post 3 trends shaping identity as the center of modern security appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

September 21, 2021 TH Author

Catching the big fish: Analyzing a large-scale phishing-as-a-service operation

With over 100 available phishing templates that mimic known brands and services, the BulletProofLink operation is responsible for many of the phishing campaigns that impact enterprises today. We are sharing these findings so the broader community can build on them and use them to enhance email filtering rules as well as threat detection technologies like sandboxes to better catch these threats.
The post Catching the big fish: Analyzing a large-scale phishing-as-a-service operation appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

September 20, 2021 TH Author

A guide to combatting human-operated ransomware: Part 1

As human-operated ransomware is on the rise, Microsoft’s Detection and Response Team (DART) shares how they investigate these attacks and what to consider when faced with a similar event in your organization.
The post A guide to combatting human-operated ransomware: Part 1 appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

September 15, 2021 TH Author

Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability

This blog details our in-depth analysis of the attacks that used the CVE-2021-40444, provides detection details and investigation guidance for Microsoft 365 Defender customers, and lists mitigation steps for hardening networks against this and similar attacks.
The post Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

September 15, 2021 TH Author

The passwordless future is here for your Microsoft account

Beginning today, you can break free from your password and go passwordless with your Microsoft account.
The post The passwordless future is here for your Microsoft account appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

September 13, 2021 TH Author

Afternoon Cyber Tea: Learn how to stop misinformation threats from nation-state bad actors

Head of Mandiant Intelligence at FireEye Sandra Joyce talks with Microsoft’s Ann Johnson about the cybersecurity threats to US elections and how to fight them.
The post Afternoon Cyber Tea: Learn how to stop misinformation threats from nation-state bad actors appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

September 9, 2021 TH Author

Combat attacks with security solutions from Trustwave and Microsoft

Cyberattacks and ransomware demands are on the rise. Microsoft security solutions and managed security service providers help organizations enable a proactive cybersecurity approach.
The post Combat attacks with security solutions from Trustwave and Microsoft appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

September 9, 2021 TH Author

Why diversity is important for a strong cybersecurity team

LinkedIn Chief Information Security Officer Geoff Belknap talks with Microsoft’s Bret Arsenault about recruiting cybersecurity talent and solving the skills gap.
The post Why diversity is important for a strong cybersecurity team appeared first on Microsoft Security Blog. READ MORE HERE…