Barracuda and Microsoft: Securing applications in public cloud

The biggest blockers to public cloud adoption are sophisticated hackers, open vulnerabilities in applications, DDOs attacks and advanced bots/botnets. Learn how MISA Partner Barracuda works with Microsoft to protect cloud applications.
The post Barracuda and Microsoft: Securing applications in public cloud appeared first on Microsoft Security. READ MORE HERE…

Read more

Inside Microsoft Threat Protection: Mapping attack chains from cloud to endpoint

In the first blog in the Inside Microsoft Threat Protection series, we will show how MTP provides unparalleled end-to-end visibility into the activities of nation-state level attacks like HOLMIUM.
The post Inside Microsoft Threat Protection: Mapping attack chains from cloud to endpoint appeared first on Microsoft Security. READ MORE HERE…

Read more

UEFI scanner brings Microsoft Defender ATP protection to a new level

The UEFI scanner is a new component of the built-in antivirus solution on Windows 10 and gives Microsoft Defender ATP the ability to scan inside of the firmware filesystem and perform security assessment.
The post UEFI scanner brings Microsoft Defender ATP protection to a new level appeared first on Microsoft Security. READ MORE HERE…

Read more

Exploiting a crisis: How cybercriminals behaved during the outbreak

Cybercriminals adapted their tactics to match what was going on in the world, and what we saw in the threat environment was parallel to the uptick in COVID-19 headlines and the desire for more information.
The post Exploiting a crisis: How cybercriminals behaved during the outbreak appeared first on Microsoft Security. READ MORE HERE…

Read more

Blue teams helping red teams: A tale of a process crash, PowerShell, and the MITRE ATT&CK evaluation

Inspired by MITRE’s transparency in publishing the payloads and tools used in the attack simulation, we’ll describe the mystery that is Step 19 and tell a story about how blue teams, once in a while, can share important learnings for red teams.
The post Blue teams helping red teams: A tale of a process crash, PowerShell, and the MITRE ATT&CK evaluation appeared first on Microsoft Security. READ MORE HERE…

Read more

The science behind Microsoft Threat Protection: Attack modeling for finding and stopping evasive ransomware

Microsoft Threat Protection uses a data-driven approach for identifying lateral movement, combining industry-leading optics, expertise, and data science to deliver automated discovery of some of the most critical threats today.
The post The science behind Microsoft Threat Protection: Attack modeling for finding and stopping evasive ransomware appeared first on Microsoft Security. READ MORE HERE…

Read more

Secured-core PCs help customers stay ahead of advanced data theft

Secured-core PCs provide customers with Windows 10 systems that come configured from OEMs with a set of hardware, firmware, and OS features enabled by default, mitigating Thunderspy and any similar attacks that rely on malicious DMA.
The post Secured-core PCs help customers stay ahead of advanced data theft appeared first on Microsoft Security. READ MORE HERE…

Read more

Microsoft researchers work with Intel Labs to explore new deep learning approaches for malware classification

Researchers from Microsoft Threat Protection Intelligence Team and Intel Labs collaborated to study the application of deep transfer learning technique from computer vision to static malware classification.
The post Microsoft researchers work with Intel Labs to explore new deep learning approaches for malware classification appeared first on Microsoft Security. READ MORE HERE…

Read more

Lessons learned from the Microsoft SOC—Part 3c: A day in the life part 2

This blog wraps up the day in the life of a SOC analyst on the investigation team with insights on remediating incidents, post-incident cleanup, and impact of COVID-19 on the SOC. This is the sixth blog post in the series.
The post Lessons learned from the Microsoft SOC—Part 3c: A day in the life part 2 appeared first on Microsoft Security. READ MORE HERE…

Read more