A guide to combatting human-operated ransomware: Part 2

In this post, we will tackle the risks of human-operated ransomware and detail DART’s security recommendations for tactical containment actions and post-incident activities in the event of an attack.
The post A guide to combatting human-operated ransomware: Part 2 appeared first on Microsoft Security Blog.

A guide to combatting human-operated ransomware: Part 1

As human-operated ransomware is on the rise, Microsoft’s Detection and Response Team (DART) shares how they investigate these attacks and what to consider when faced with a similar event in your organization.
The post A guide to combatting human-operated ransomware: Part 1 appeared first on Microsoft Security Blog.

A “quick wins” approach to securing Azure Active Directory and Office 365 and improving your security posture

This blog post will explain simple Microsoft security defaults and Secure Score—two features you should take advantage of that are easy to utilize and can significantly improve security in Azure AD and Office 365 configurations.
The post A “quick wins” approach to securing Azure Active Directory and Office 365 and improving your security posture appeared first on Microsoft Security.

Microsoft Office 365—Do you have a false sense of cloud security?

Security is not just flipping the switch of security features to “on” and thinking you are done. DART explores the concept of having a false sense of security when securing your cloud environments.
The post Microsoft Office 365—Do you have a false sense of cloud security? appeared first on Microsoft Security.

Success in security: reining in entropy

Your network is unique. It’s a living, breathing system evolving over time. The applications and users performing these actions are all unique parts of the system, adding degrees of disorder and entropy to your operating environment.
The post Success in security: reining in entropy appeared first on Microsoft Security.

Lessons learned from the Microsoft SOC—Part 3c: A day in the life part 2

This blog wraps up the day in the life of a SOC analyst on the investigation team with insights on remediating incidents, post-incident cleanup, and the impact of COVID-19 on the SOC. This is the sixth blog post in the series.
The post Lessons learned from the Microsoft SOC—Part 3c: A day in the life part 2 appeared first on Microsoft Security.

Ghost in the shell: Investigating web shell attacks

Web shell attacks allow adversaries to run commands and steal data from an Internet-facing server or use the server as a launch pad for further attacks against the affected organization.
The post Ghost in the shell: Investigating web shell attacks appeared first on Microsoft Security.

Ransomware response—to pay or not to pay?

As part of Microsoft’s Detection and Response Team (DART) Incident Response engagements, we regularly get asked by customers about “paying the ransom” following a ransomware attack.
The post Ransomware response—to pay or not to pay? appeared first on Microsoft Security.