How to gain 24/7 detection and response coverage with Microsoft Defender ATP

Security incidents don’t happen exclusively during business hours: attackers often wait until the late hours of the night to breach an environment.
The post How to gain 24/7 detection and response coverage with Microsoft Defender ATP appeared first on Microsoft Security.

Lessons learned from the Microsoft SOC—Part 3c: A day in the life part 2

This blog wraps up the day in the life of a SOC analyst on the investigation team with insights on remediating incidents, post-incident cleanup, and impact of COVID-19 on the SOC. This is the sixth blog post in the series.
The post Lessons learned from the Microsoft SOC—Part 3c: A day in the life part 2 appeared first on Microsoft Security.

Defending the power grid against supply chain attacks: Part 3 – Risk management strategies for the utilities industry

By working with governments, trade organizations, and suppliers, the utility industry can improve security across the supply chain.
The post Defending the power grid against supply chain attacks: Part 3 – Risk management strategies for the utilities industry appeared first on Microsoft Security.

MITRE ATT&CK APT 29 evaluation proves Microsoft Threat Protection provides deeper end to end view of advanced threats

During the MITRE ATT&CK evaluation, Microsoft Threat Protection delivered on providing the deepest optics, near real time detection, and a complete view of the attack story.
The post MITRE ATT&CK APT 29 evaluation proves Microsoft Threat Protection provides deeper end to end view of advanced threats appeared first on Microsoft Security.

Microsoft shares new threat intelligence, security guidance during global crisis

Our threat intelligence shows that COVID-19 themed threats are retreads of existing attacks that have been slightly altered to tie to the pandemic. We’re seeing a changing of lures, not a surge in attacks. These attacks are settling into the normal ebb and flow of the threat environment.
The post Microsoft shares new threat intelligence, security guidance during global crisis appeared first on Microsoft Security.

Ghost in the shell: Investigating web shell attacks

Web shell attacks allow adversaries to run commands and steal data from an Internet-facing server or use the server as a launch pad for further attacks against the affected organization.
The post Ghost in the shell: Investigating web shell attacks appeared first on Microsoft Security.

CISO series: Lessons learned from the Microsoft SOC—Part 3b: A day in the life

In this next post in our series, we provide insight into a day in the life of our SOC analysts investigating common front door attacks.
The post CISO series: Lessons learned from the Microsoft SOC—Part 3b: A day in the life appeared first on Microsoft Security.

Ransomware response—to pay or not to pay?

As part of Microsoft’s Detection and Response Team (DART) Incident Response engagements, we regularly get asked by customers about “paying the ransom” following a ransomware attack.
The post Ransomware response—to pay or not to pay? appeared first on Microsoft Security.

Overview of the Marsh-Microsoft 2019 Global Cyber Risk Perception survey results

Results from the 2019 Marsh-Microsoft Global Cyber Risk Perception survey reveal several encouraging signs of improvement in the way organizations view and manage cyber risk.
The post Overview of the Marsh-Microsoft 2019 Global Cyber Risk Perception survey results appeared first on Microsoft Security.