Guarding against supply chain attacks—Part 3: How software becomes compromised

Credit to Author: Todd VanderArk| Date: Wed, 11 Mar 2020 16:00:32 +0000

Set a high standard of software assurance with internal teams, partners, and suppliers to reduce your risk of a software supply chain attack.

The post Guarding against supply chain attacks—Part 3: How software becomes compromised appeared first on Microsoft Security.

Read more

Behavioral blocking and containment: Transforming optics into protection

Credit to Author: Eric Avena| Date: Mon, 09 Mar 2020 16:30:20 +0000

Behavioral blocking and containment capabilities leverage multiple Microsoft Defender ATP components and features to immediately stop attacks before they can progress. We have expanded these capabilities to get even broader visibility into malicious behavior by using a rapid protection loop engine that leverages endpoint and detection response (EDR) sensors.

The post Behavioral blocking and containment: Transforming optics into protection appeared first on Microsoft Security.

Read more

Human-operated ransomware attacks: A preventable disaster

Credit to Author: Eric Avena| Date: Thu, 05 Mar 2020 17:00:31 +0000

In human-operated ransomware attacks, adversaries exhibit extensive knowledge of systems administration and common network security misconfigurations, perform thorough reconnaissance, and adapt to what they discover in a compromised network.

The post Human-operated ransomware attacks: A preventable disaster appeared first on Microsoft Security.

Read more

Azure Sentinel uncovers the real threats hidden in billions of low fidelity signals

Credit to Author: Todd VanderArk| Date: Thu, 20 Feb 2020 14:00:43 +0000

Azure Sentinel Fusion technology uses powerful machine learning methods to enable your SecOps team to focus on the threats that matter.

The post Azure Sentinel uncovers the real threats hidden in billions of low fidelity signals appeared first on Microsoft Security.

Read more

Building on secure productivity

Credit to Author: Todd VanderArk| Date: Wed, 12 Feb 2020 17:00:08 +0000

Announcing Safe Documents and Application Guard, new Microsoft 365 features that bring together Windows 10, Office 365, and Microsoft Defender ATP to help users stay secure and productive.

The post Building on secure productivity appeared first on Microsoft Security.

Read more

Ghost in the shell: Investigating web shell attacks

Credit to Author: Eric Avena| Date: Tue, 04 Feb 2020 17:30:40 +0000

Web shell attacks allow adversaries to run commands and steal data from an Internet-facing server or use the server as launch pad for further attacks against the affected organization.

The post Ghost in the shell: Investigating web shell attacks appeared first on Microsoft Security.

Read more

Threat hunting in Azure Advanced Threat Protection (ATP)

Credit to Author: Todd VanderArk| Date: Tue, 07 Jan 2020 17:00:53 +0000

DART was called into an engagement where the adversary had a foothold within the on-premises network, which had been gained through compromising cloud credentials. Luckily, this customer had deployed Azure ATP prior to the incident and it had already normalized authentication and identity transactions within the customer network.

The post Threat hunting in Azure Advanced Threat Protection (ATP) appeared first on Microsoft Security.

Read more

CISO series: Lessons learned from the Microsoft SOC—Part 3b: A day in the life

Credit to Author: Todd VanderArk| Date: Mon, 23 Dec 2019 17:00:57 +0000

In this next post in our series, we provide insight into a day in the life of our SOC analysts investigating common front door attacks.

The post CISO series: Lessons learned from the Microsoft SOC—Part 3b: A day in the life appeared first on Microsoft Security.

Read more

Mobile threat defense and intelligence are a core part of cyber defense

Credit to Author: Todd VanderArk| Date: Thu, 19 Dec 2019 17:00:32 +0000

To safeguard company assets, organizations need to augment their global cyber defense strategy with mobile threat intelligence.

The post Mobile threat defense and intelligence are a core part of cyber defense appeared first on Microsoft Security.

Read more