Thursday, July 17, 2025
Latest:

Cybersecurity

Microsoft Secure
TH Author

Deep dive into the Solorigate second-stage activation: From SUNBURST to TEARDROP and Raindrop

One missing link in the complex Solorigate attack chain is the handover from the Solorigate DLL backdoor to the Cobalt Strike loader. How exactly does the jump from the Solorigate backdoor (SUNBURST) to the Cobalt Strike loader (TEARDROP, Raindrop, and others) happen? What code gets triggered, and what indicators should defenders look for?
The post Deep dive into the Solorigate second-stage activation: From SUNBURST to TEARDROP and Raindrop appeared first on Microsoft Security. READ MORE HERE…

Read More
Microsoft Secure
TH Author

Using Zero Trust principles to protect against sophisticated attacks like Solorigate

The Solorigate supply chain attack has captured the focus of the world over the last month. This attack was simultaneously sophisticated and ordinary. The actor demonstrated sophistication in the breadth of tactics used to penetrate, expand across, and persist in affected infrastructure, but many of the tactics, techniques, and procedures (TTPs) were individually ordinary. Companies…
The post Using Zero Trust principles to protect against sophisticated attacks like Solorigate appeared first on Microsoft Security. READ MORE HERE…

Read More
Microsoft Secure
TH Author

How IT leaders are securing identities with Zero Trust

The past twelve months have been a remarkable time of digital transformation as organizations, and especially digital security teams, adapt to working remotely and shifting business operations. IT leaders everywhere turned to Zero Trust approaches to alleviate the challenges of enabling and securing remote work. Using Zero Trust to secure users, data, and devices (wherever they may be) has changed…
The post How IT leaders are securing identities with Zero Trust appeared first on Microsoft Security. READ MORE HERE…

Read More
Microsoft Secure
TH Author

Simplify compliance and manage risk with Microsoft Compliance Manager

The cost of non-compliance is more than twice that of compliance costs. Non-compliance with the ever-increasing and changing regulatory requirements can have a significant impact on your organization’s brand, reputation, and revenue. According to a study by the Ponemon Institute and Globalscape, being compliant will cost you less compared to business disruptions, loss of revenue, and hefty…
The post Simplify compliance and manage risk with Microsoft Compliance Manager appeared first on Microsoft Security. READ MORE HERE…

Read More
Microsoft Secure
TH Author

Increasing resilience against Solorigate and other sophisticated attacks with Microsoft Defender

This blog is a guide for security administrators using Microsoft 365 Defender and Azure Defender to identify and implement security configuration and posture improvements that harden enterprise environments against Solorigate’s attack patterns.
The post Increasing resilience against Solorigate and other sophisticated attacks with Microsoft Defender appeared first on Microsoft Security. READ MORE HERE…

Read More
Microsoft Secure
TH Author

New Surface PCs enable virtualization-based security (VBS) by default to empower customers to do more, securely

The new Surface Pro 7+ for Business will ship with virtualization-based security (VBS) and Hypervisor-protected code integrity (HVCI, also commonly referred to as memory integrity) enabled out of the box to give customers even stronger security that is built-in and turned on by default. The Surface Pro 7+ for Business joins existing recently shipped devices like the Surface Book 3, Surface Laptop Go, and the Surface Pro X in enabling VBS and HVCI by default.
The post New Surface PCs enable virtualization-based security (VBS) by default to empower customers to do more, securely appeared first on Microsoft Security. READ MORE HERE…

Read More
Microsoft Secure
TH Author

Privacy breaches: Using Microsoft 365 Advanced Audit and Advanced eDiscovery to minimize impact

GDPR, HIPPA, GLBA, all 50 U.S. States, and many countries have privacy breach reporting requirements. If an organization experiences a breach of relevant regulatory information, they must report it within the required time frame. The size and scope of this reporting effort can be massive. Using Microsoft 365 Advanced Audit and Advanced eDiscovery to better understand the scope of the breach can minimize the burden on customers as well as the financial and reputational cost to the organization.
The post Privacy breaches: Using Microsoft 365 Advanced Audit and Advanced eDiscovery to minimize impact appeared first on Microsoft Security. READ MORE HERE…

Read More
Microsoft Secure
TH Author

The dynamic duo: How to build a red and blue team to strengthen your cybersecurity, Part 1

In this blog Jake Williams, Founder of Rendition InfoSec shares his insights on the 2020 threat landscape—who to watch for and why—and offers cybersecurity guidance and best practices on how to structure and evolve red and blue teaming within your organization.
The post The dynamic duo: How to build a red and blue team to strengthen your cybersecurity, Part 1 appeared first on Microsoft Security. READ MORE HERE…

Read More