Threat protection Archives - Page 5 of 8 - ThreatsHub Cybersecurity News

Microsoft works with healthcare organizations to protect from popular ransomware during COVID-19 crisis: Here’s what to do

April 1, 2020 TH Author coronavirus-themed threats, covid-19, Cybersecurity, Endpoint security, gateway, Healthcare, human-operated ransomware, Microsoft Defender Advanced Threat Protection, Microsoft security intelligence, ransomware, remote work, REvil, Secure remote work, Securing remote workers series, Security Intelligence, Sodinokibi, Threat protection, virtual private network (VPN), virtual private server (VPS), VPN

Microsoft identified several dozens of hospitals with vulnerable gateway and VPN appliances. We sent these hospitals a first-of-its-kind notification with important info about the vulnerabilities, how attackers can take advantage of them, and a strong recommendation to apply security updates.
The post Microsoft works with healthcare organizations to protect from popular ransomware during COVID-19 crisis: Here’s what to do appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

Defending the power grid against supply chain attacks—Part 2: Securing hardware and software

March 23, 2020 TH Author Cybersecurity Policy, Identity and access management, IoT, Threat protection

The hardware and software companies who supply utilities must implement better security of their build and update environment to reduce the risk of an attack on critical infrastructure.
The post Defending the power grid against supply chain attacks—Part 2: Securing hardware and software appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

Latest Astaroth living-off-the-land attacks are even more invisible but not less observable

March 23, 2020 TH Author Alternate Data Streams (ADS), Astaroth, behavioral blocking and containment, Cybersecurity, Endpoint security, fileless, info-stealing malware, living-off-the-land, Microsoft Defender Advanced Threat Protection, Microsoft security intelligence, ransomware, Security Intelligence, Threat protection, WMIC

Astaroth is back sporting significant changes. The updated attack chain maintains Astaroth’s complex, multi-component nature and continues its pattern of detection evasion.
The post Latest Astaroth living-off-the-land attacks are even more invisible but not less observable appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

Forrester names Microsoft a Leader in 2020 Enterprise Detection and Response Wave

March 18, 2020 TH Author Microsoft Cloud App Security, Microsoft Defender Advanced Threat Protection, Microsoft Defender ATP, Threat protection

I’m proud to announce that Microsoft is positioned as a Leader in The Forrester Wave™: Enterprise Detection and Response, Q1 2020.
The post Forrester names Microsoft a Leader in 2020 Enterprise Detection and Response Wave appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

Work remotely, stay secure—guidance for CISOs

March 12, 2020 TH Author Azure Security, CISO series, Ciso series page, Information/data protection, Microsoft Intune, Secure Score, Threat protection

With many employees suddenly working from home, there are things an organization and employees can do to help remain productive without increasing cybersecurity risk.
The post Work remotely, stay secure—guidance for CISOs appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

Behavioral blocking and containment: Transforming optics into protection

March 9, 2020 TH Author behavioral blocking and containment, Cybersecurity, endpoint detection and response (EDR), endpoint protection platform (EPP), Endpoint security, Juicy Potato, Microsoft Defender Advanced Threat Protection, Microsoft Defender ATP, Microsoft security intelligence, Microsoft Threat Protection, next generation protection, QRat, Security Intelligence, Threat protection

Behavioral blocking and containment capabilities leverage multiple Microsoft Defender ATP components and features to immediately stop attacks before they can progress. We have expanded these capabilities to get even broader visibility into malicious behavior by using a rapid protection loop engine that leverages endpoint and detection response (EDR) sensors.
The post Behavioral blocking and containment: Transforming optics into protection appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

Human-operated ransomware attacks: A preventable disaster

March 5, 2020 TH Author Cybersecurity, Doppelpaymer, Dridex, Endpoint security, hands-on-keyboard, human-operated attacks, Microsoft 365, Microsoft Defender Advanced Threat Protection, Microsoft security intelligence, PARINACOTA, ransomware, ryuk, Secure Score, Security deployment, Threat protection, TrickBot, Wadhrama

In human-operated ransomware attacks, adversaries exhibit extensive knowledge of systems administration and common network security misconfigurations, perform thorough reconnaissance, and adapt to what they discover in a compromised network.
The post Human-operated ransomware attacks: A preventable disaster appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

New Microsoft Security innovations and partnerships

February 20, 2020 TH Author AI and machine learning, Azure Security, Microsoft 365, Microsoft Threat Protection, Office 365 Security, Threat protection

New innovations for built-in and cross-platform security that embrace AI.
The post New Microsoft Security innovations and partnerships appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

Afternoon Cyber Tea—From threat intelligence to chatbots: A look at AI in cybersecurity

February 10, 2020 TH Author AI and machine learning, Security Intelligence, Threat protection

On this episode of Afternoon Cyber Tea, Ann Johnson and Jane Frankland discuss chatbots, AI, and increasing the number of women in cybersecurity.
The post Afternoon Cyber Tea—From threat intelligence to chatbots: A look at AI in cybersecurity appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

Ghost in the shell: Investigating web shell attacks

February 4, 2020 TH Author china chopper, Cybersecurity, Detection and Response Team (DART), Endpoint security, GALLIUM, incident response, KRYPTON, Microsoft Defender Advanced Threat Protection, Microsoft Detection and Response Team (DART), Microsoft security intelligence, Security management, Threat protection, web shell, ZINC

Web shell attacks allow adversaries to run commands and steal data from an Internet-facing server or use the server as launch pad for further attacks against the affected organization.
The post Ghost in the shell: Investigating web shell attacks appeared first on Microsoft Security. READ MORE HERE…