Protect your business from password sprays with Microsoft DART recommendations

This blog discusses DART’s investigation techniques and approach to responding to password spray attacks while outlining recommendations for protecting against them.
The post Protect your business from password sprays with Microsoft DART recommendations appeared first on Microsoft Security Blog. READ MORE HERE…

Read more

A guide to combatting human-operated ransomware: Part 2

In this post, we will tackle the risks of human-operated ransomware and detail DART’s security recommendations for tactical containment actions and post-incident activities in the event of an attack.
The post A guide to combatting human-operated ransomware: Part 2 appeared first on Microsoft Security Blog. READ MORE HERE…

Read more

A guide to combatting human-operated ransomware: Part 1

As human-operated ransomware is on the rise, Microsoft’s Detection and Response Team (DART) shares how they investigate these attacks and what to consider when faced with a similar event in your organization.
The post A guide to combatting human-operated ransomware: Part 1 appeared first on Microsoft Security Blog. READ MORE HERE…

Read more

Web shell attacks continue to rise

A year ago, we reported the steady increase in the use of web shells in attacks worldwide. The latest Microsoft 365 Defender data shows that this trend not only continued, it accelerated. Read our investigation into the escalating prevalence of web shells.
The post Web shell attacks continue to rise appeared first on Microsoft Security. READ MORE HERE…

Read more

A “quick wins” approach to securing Azure Active Directory and Office 365 and improving your security posture

This blog post will explain simple Microsoft security defaults and Secure Score—two features you should take advantage of that are easy to utilize and can significantly improve security in Azure AD and Office 365 configurations.
The post A “quick wins” approach to securing Azure Active Directory and Office 365 and improving your security posture appeared first on Microsoft Security. READ MORE HERE…

Read more

Microsoft Office 365—Do you have a false sense of cloud security?

Security is not just flipping the switch of security features to “on” and think you are done. DART explores the concept of having a false sense of security when securing your cloud environments.
The post Microsoft Office 365—Do you have a false sense of cloud security? appeared first on Microsoft Security. READ MORE HERE…

Read more

Success in security: reining in entropy

Your network is unique. It’s a living, breathing system evolving over time. The applications and users performing these actions are all unique parts of the system, adding degrees of disorder and entropy to your operating environment.
The post Success in security: reining in entropy appeared first on Microsoft Security. READ MORE HERE…

Read more

Lessons learned from the Microsoft SOC—Part 3c: A day in the life part 2

This blog wraps up the day in the life of a SOC analyst on the investigation team with insights on remediating incidents, post-incident cleanup, and impact of COVID-19 on the SOC. This is the sixth blog post in the series.
The post Lessons learned from the Microsoft SOC—Part 3c: A day in the life part 2 appeared first on Microsoft Security. READ MORE HERE…

Read more

Defending the power grid against supply chain attacks: Part 3 – Risk management strategies for the utilities industry

By working with governments, trade organizations, and suppliers, the utility industry can improve security across the supply chain.
The post Defending the power grid against supply chain attacks: Part 3 – Risk management strategies for the utilities industry appeared first on Microsoft Security. READ MORE HERE…

Read more