Automating threat actor tracking: Understanding attacker behavior for intelligence and contextual alerting

A probabilistic graphical modeling framework used by Microsoft 365 Defender research and intelligence teams for threat actor tracking enables us to quickly predict the likely threat group responsible for an attack, as well as the likely next attack stages.
The post Automating threat actor tracking: Understanding attacker behavior for intelligence and contextual alerting appeared first on Microsoft Security.

Analyzing attacks taking advantage of the Exchange Server vulnerabilities

Microsoft continues to monitor and investigate attacks exploiting the recent on-premises Exchange Server vulnerabilities. As organizations recover from this incident, we continue to publish guidance and share threat intelligence to help detect and evict threat actors from affected environments.
The post Analyzing attacks taking advantage of the Exchange Server vulnerabilities appeared first on Microsoft Security.

Sophisticated new Android malware marks the latest evolution of mobile ransomware

We found a piece of particularly sophisticated Android ransomware with novel techniques and behavior, exemplifying the rapid evolution of mobile threats that we have also observed on other platforms.
The post Sophisticated new Android malware marks the latest evolution of mobile ransomware appeared first on Microsoft Security.

Microsoft Digital Defense Report 2020: Cyber Threat Sophistication on the Rise

A new report from Microsoft shows that threat actors have rapidly increased in sophistication over the past year, using techniques that make them harder to identify.
The post Microsoft Digital Defense Report 2020: Cyber Threat Sophistication on the Rise appeared first on Microsoft Security.

Ransom from Home – How to close the cyber front door to remote working ransomware attacks

Coronavirus has caused a major shift to our working patterns. In many cases these will long outlast the pandemic. But working from home has its own risks. One is that you may invite ransomware attacks from a new breed of cyber-criminal who has previously confined his efforts to directly targeting the corporate network. Why? Because…

1H 2020 Cyber Security Defined by Covid-19 Pandemic

When we published our 2020 Predictions report in December, we didn’t realize there was a global pandemic brewing that would give cybercriminals an almost daily news cycle to take advantage of in their attacks against people and organizations around the world. Malicious actors have always taken advantage of big news to use as lures for…

The Life Cycle of a Compromised (Cloud) Server

Trend Micro Research has developed a go-to resource for all things related to cybercriminal underground hosting and infrastructure. Today we released the second in this three-part series of reports which detail the what, how, and why of cybercriminal hosting (see the first part here). As part of this report, we dive into the common life…

Ransomware is Still a Blight on Business

Trends come and go with alarming regularity in cybersecurity. Yet a persistent menace over the past few years has been ransomware. Now mainly targeting organizations rather than consumers, and with increasingly sophisticated tools and tactics at their disposal, the cybercriminals behind these campaigns have been turning up the…

The science behind Microsoft Threat Protection: Attack modeling for finding and stopping evasive ransomware

Microsoft Threat Protection uses a data-driven approach for identifying lateral movement, combining industry-leading optics, expertise, and data science to deliver automated discovery of some of the most critical threats today.
The post The science behind Microsoft Threat Protection: Attack modeling for finding and stopping evasive ransomware appeared first on Microsoft Security.

Ransomware groups continue to target healthcare, critical services; here’s how to reduce risk

Multiple ransomware groups that have been accumulating access and maintaining persistence on target networks for several months activated dozens of ransomware deployments in the first two weeks of April 2020.
The post Ransomware groups continue to target healthcare, critical services; here’s how to reduce risk appeared first on Microsoft Security.