Threat protection Archives - ThreatsHub Cybersecurity News

Microsoft to acquire RiskIQ to strengthen cybersecurity of digital transformation and hybrid work

July 12, 2021 TH Author Cybersecurity, Integrated Threat Protection, Threat protection

Microsoft is announcing that we have entered into a definitive agreement to acquire RiskIQ, a leader in global threat intelligence and attack surface management, to help our shared customers build a more comprehensive view of the global threats to their businesses, better understand vulnerable internet-facing assets, and build world-class threat intelligence.
The post Microsoft to acquire RiskIQ to strengthen cybersecurity of digital transformation and hybrid work appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

Accessibility and usability for all in Azure Sentinel

July 7, 2021 TH Author Cybersecurity, Integrated Threat Protection, Threat protection

Designing with accessibility in mind greatly expands the impact of Microsoft solutions. However, the impact of accessible design is even bigger than that. When we design for accessibility, everyone benefits.
The post Accessibility and usability for all in Azure Sentinel appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

Preparing for your migration from on-premises SIEM to Azure Sentinel

July 6, 2021 TH Author Cybersecurity, Threat protection

Learn how to plan and prepare for migration from a traditional on-premises SIEM to Microsoft’s cloud-native SIEM for intelligent security analytics at cloud scale.
The post Preparing for your migration from on-premises SIEM to Azure Sentinel appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

Strategies, tools, and frameworks for building an effective threat intelligence team

June 22, 2021 TH Author Cybersecurity, Threat protection, Voice of the Community

Red Canary Director of Intelligence Katie Nickels shares her thoughts on strategies, tools, and frameworks to build an effective threat intelligence team.
The post Strategies, tools, and frameworks for building an effective threat intelligence team appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

Business email compromise: How Microsoft is combating this costly threat

May 6, 2021 TH Author Cybersecurity, Microsoft Defender for Office 365, Threat protection

Business email compromise is the costliest phishing attack threat to organizations. In this post, we explore how it works and strategies to fight it.
The post Business email compromise: How Microsoft is combating this costly threat appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

Azure LoLBins: Protecting against the dual use of virtual machine extensions

March 9, 2021 TH Author Azure Security, Cybersecurity, Integrated Threat Protection, Threat protection

Azure Defender for Resource Manager automatically monitors the resource management operations. This blog discusses the threats that are caused by ‘Living off the land Binaries’.
The post Azure LoLBins: Protecting against the dual use of virtual machine extensions appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

XLM + AMSI: New runtime defense against Excel 4.0 macro malware

March 3, 2021 TH Author Antimalware Scan Interface (AMSI), Cybersecurity, Excel 4.0, macro malware, Microsoft security intelligence, Threat protection, XLM

We have recently expanded the integration of Antimalware Scan Interface (AMSI) with Office 365 to include the runtime scanning of Excel 4.0 (XLM) macros, to help antivirus solutions tackle the increase in attacks that use malicious XLM macros.
The post XLM + AMSI: New runtime defense against Excel 4.0 macro malware appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

HAFNIUM targeting Exchange Servers with 0-day exploits

March 2, 2021 TH Author Cybersecurity, Exchange Server, HAFNIUM, Microsoft security intelligence, Microsoft Threat Intelligence Center (MSTIC), MSRC, Security Intelligence, threat intelligence, Threat protection

Microsoft has detected multiple 0-day exploits being used to attack on-premises versions of Microsoft Exchange Server in limited and targeted attacks. In the attacks observed, threat actors used this vulnerability to access on-premises Exchange servers, which enabled access to email accounts, and install additional malware to facilitate long-term access to victim environments. Microsoft Threat Intelligence Center (MSTIC) attributes this campaign with high confidence to HAFNIUM.
The post HAFNIUM targeting Exchange Servers with 0-day exploits appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

Microsoft brings advanced hardware security to Server and Edge with Secured-core

March 2, 2021 TH Author Cybersecurity, Integrated Threat Protection, Threat protection

Microsoft is collaborating with partners to expand Secured-core to Windows Server, Azure Stack HCI, and Azure-certified IoT devices.
The post Microsoft brings advanced hardware security to Server and Edge with Secured-core appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

ZINC attacks against security researchers

January 28, 2021 TH Author Cybersecurity, Microsoft security intelligence, nation state, Security Intelligence, Security Researchers, threat intelligence, Threat protection, ZINC

In recent months, Microsoft has detected cyberattacks targeting security researchers by an actor we track as ZINC. Observed targeting includes pen testers, private offensive security researchers, and employees at security and tech companies.
The post ZINC attacks against security researchers appeared first on Microsoft Security. READ MORE HERE…

← Previous