How to prevent lateral movement attacks using Microsoft 365 Defender

Learn how Microsoft 365 Defender can enhance mitigations against lateral movement paths in your environment, stopping attackers from gaining access to privileged and sensitive accounts.
The post How to prevent lateral movement attacks using Microsoft 365 Defender appeared first on Microsoft Security Blog.

ACTINIUM targets Ukrainian organizations

The Microsoft Threat Intelligence Center (MSTIC) is sharing information on a threat group named ACTINIUM, which has been operational for almost a decade and has consistently pursued access to organizations in Ukraine or entities related to Ukrainian affairs.
The post ACTINIUM targets Ukrainian organizations appeared first on Microsoft Security Blog.

The evolution of a Mac trojan: UpdateAgent’s progression

Our discovery and analysis of a sophisticated Mac trojan in October exposed the year-long evolution of a malware family and shows the rising complexity of threats across platforms.
The post The evolution of a Mac trojan: UpdateAgent’s progression appeared first on Microsoft Security Blog.

New research shows IoT and OT innovation is critical to business but comes with significant risks

This year, the need for much-improved IoT and OT cybersecurity has become even clearer with the recent and now famous attacks. To better understand the challenges customers are facing, Microsoft partnered with the Ponemon Institute to produce empirical data on the state of IoT and OT security from a customer’s perspective.
The post New research shows IoT and OT innovation is critical to business but comes with significant risks appeared first on Microsoft Security Blog.

How Microsoft Defender for IoT can secure your IoT devices

Cybersecurity threats are always evolving, and today we’re seeing a new wave of advanced attacks specifically targeting IoT devices used in enterprise environments as well as operational technology devices used in industrial systems and critical infrastructure.
The post How Microsoft Defender for IoT can secure your IoT devices appeared first on Microsoft Security Blog.

Behind the scenes of business email compromise: Using cross-domain threat data to disrupt a large BEC campaign

Microsoft 365 Defender researchers recently uncovered and disrupted a large-scale business email compromise (BEC) infrastructure hosted in multiple web services. Attackers used this cloud-based infrastructure to compromise mailboxes via phishing and add forwarding rules, enabling these attackers to get access to emails about financial transactions.
The post Behind the scenes of business email compromise: Using cross-domain threat data to disrupt a large BEC campaign appeared first on Microsoft Security Blog.

GoldMax, GoldFinder, and Sibot: Analyzing NOBELIUM’s layered persistence

Microsoft has identified three new pieces of malware being used in late-stage activity by NOBELIUM – the actor behind the SolarWinds attacks, SUNBURST, and TEARDROP.
The post GoldMax, GoldFinder, and Sibot: Analyzing NOBELIUM’s layered persistence appeared first on Microsoft Security.

Increasing resilience against Solorigate and other sophisticated attacks with Microsoft Defender

This blog is a guide for security administrators using Microsoft 365 Defender and Azure Defender to identify and implement security configuration and posture improvements that harden enterprise environments against Solorigate’s attack patterns.
The post Increasing resilience against Solorigate and other sophisticated attacks with Microsoft Defender appeared first on Microsoft Security.

Using Microsoft 365 Defender to protect against Solorigate

This blog is a comprehensive guide for security operations and incident response teams using Microsoft 365 Defender to identify, investigate, and respond to the Solorigate attack if it’s found in your environment.
The post Using Microsoft 365 Defender to protect against Solorigate appeared first on Microsoft Security.

Threat actor leverages coin miner techniques to stay under the radar – here’s how to spot them

BISMUTH, which has been running increasingly complex cyberespionage attacks since as early as 2012, deployed Monero coin miners in campaigns from July to August 2020. The group’s use of coin miners was unexpected, but it was consistent with their longtime methods of blending in.
The post Threat actor leverages coin miner techniques to stay under the radar – here’s how to spot them appeared first on Microsoft Security.