Microsoft Defender ATP Archives - ThreatsHub Cybersecurity News

Threat hunting in Azure Advanced Threat Protection (ATP)

January 7, 2020 TH Author Azure Security, Microsoft Defender Advanced Threat Protection, Microsoft Defender ATP, Microsoft Detection and Response Team (DART)

DART was called into an engagement where the adversary had a foothold within the on-premises network, which had been gained through compromising cloud credentials. Luckily, this customer had deployed Azure ATP prior to the incident and it had already normalized authentication and identity transactions within the customer network.
The post Threat hunting in Azure Advanced Threat Protection (ATP) appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

CISO series: Lessons learned from the Microsoft SOC—Part 3b: A day in the life

December 23, 2019 TH Author CISO series, Ciso series page, Endpoint security, incident response, Lessons learned, Microsoft Defender Advanced Threat Protection, Microsoft Defender ATP

In this next post in our series, we provide insight into a day in the life of our SOC analysts investigating common front door attacks.
The post CISO series: Lessons learned from the Microsoft SOC—Part 3b: A day in the life appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

Mobile threat defense and intelligence are a core part of cyber defense

December 19, 2019 TH Author Endpoint security, Microsoft Defender Advanced Threat Protection, Microsoft Defender ATP, Microsoft Intelligent Security Association (MISA), Mobile Security

To safeguard company assets, organizations need to augment their global cyber defense strategy with mobile threat intelligence.
The post Mobile threat defense and intelligence are a core part of cyber defense appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

GALLIUM: Targeting global telecom

December 12, 2019 TH Author Microsoft Defender Advanced Threat Protection, Microsoft Defender ATP, Microsoft security intelligence, Security Intelligence, Threat protection

Microsoft Threat Intelligence Center (MSTIC) is raising awareness of the ongoing activity by a group we call GALLIUM, targeting telecommunication providers.
The post GALLIUM: Targeting global telecom appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

Improve cyber supply chain risk management with Microsoft Azure

December 9, 2019 TH Author Azure Security, Endpoint security, Microsoft Defender Advanced Threat Protection, Microsoft Defender ATP, Zero Trust

To keep government agencies secure in the cloud, we must keep pace and stay ahead of cyber attackers by defending the cyber supply chain with Microsoft Azure.
The post Improve cyber supply chain risk management with Microsoft Azure appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

Spear phishing campaigns—they’re sharper than you think

December 2, 2019 TH Author CISO series, Ciso series page, Microsoft Defender Advanced Threat Protection, Microsoft Defender ATP, Phishing

Spear phishing campaigns can be highly effective—but they aren’t foolproof. If you understand how they work, you can put measures in place to reduce their power.
The post Spear phishing campaigns—they’re sharper than you think appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

Changing security incident response by utilizing the power of the cloud—DART tools, techniques, and procedures: part 1

November 14, 2019 TH Author Azure Security, Microsoft Cloud App Security, Microsoft Defender Advanced Threat Protection, Microsoft Defender ATP, Microsoft Detection and Response Team (DART)

A series on DART’s tools, techniques, and procedures for investigating cybersecurity incidents at their customer organizations. Part 1 introduces the team and gives a brief overview of the tools that DART utilizes.
The post Changing security incident response by utilizing the power of the cloud—DART tools, techniques, and procedures: part 1 appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

Experts on demand: Your direct line to Microsoft security insight, guidance, and expertise

October 28, 2019 TH Author Cybersecurity, experts on demand, Microsoft Defender ATP, Microsoft security intelligence, Microsoft Threat Experts, Security Intelligence, Security Response, targeted attack notifications, Threat protection, Windows Security

Experts on demand is now generally available and gives customers direct access to real-life Microsoft threat analysts to help with their security investigations.
The post Experts on demand: Your direct line to Microsoft security insight, guidance, and expertise appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

In hot pursuit of elusive threats: AI-driven behavior-based blocking stops attacks in their tracks

October 8, 2019 TH Author AI and machine learning, AMSI paired machine learning, Automation, behavior-based machine learning, behavioral blocking and containment, Cybersecurity, endpoint protection platform, Endpoint security, Microsoft Defender ATP, Microsoft security intelligence, Security Intelligence, threat and malware prevention

Two new machine learning protection features within the behavioral blocking and containment capabilities in Microsoft Defender ATP specialize in detecting threats by analyzing behavior, adding new layers of protection after an attack has started running.
The post In hot pursuit of elusive threats: AI-driven behavior-based blocking stops attacks in their tracks appeared first on Microsoft Security. READ MORE HERE…

← Previous