Learn more about AI-powered security directly from our leaders. Join us at #RSAC for Microsoft Pre-Day to get strategic guidance for CISOs, product innovations, fireside chats, and more. Connect with us here: https://msft.it/6041c0k9Z #GenAI
Microsoft Security
IT Services and IT Consulting
Protecting people and data against cyberthreats to give you peace of mind
About us
A new era of cybersecurity is here. Explore Microsoft Copilot for Security today.
- Website
- https://www.microsoft.com/en-us/security/business/ai-machine-learning/microsoft-copilot-security
- Industry
- IT Services and IT Consulting
- Company size
- 10,001+ employees
- Headquarters
- Seattle
- Specialties
- Security, Information protection, Identity, Compliance, Zero Trust, Remote Work, Threat protection, Access management, Microsoft Azure, Microsoft 365, Cloud app security, Secure application development, MCAS, CASB, Cloud access, Machine learning, and Cybersecurity
Updates
-
During #RSAC, visit Microsoft Security Hub at The Palace Hotel to join all our sessions and events happening during the week of May 6–9, 2024. You'll engage with immersive learning experiences dedicated to AI for security and have the chance to win exciting prizes. https://msft.it/6046YHcgq
-
A recent commissioned Total Economic Impact™ study conducted by Forrester Consulting found that deploying Microsoft Sentinel yielded a return on investment of 234%. Read more of the findings here: https://msft.it/6043YHmEF #SIEM #SecOps
Microsoft Sentinel delivers 234% ROI, according to Forrester study | Microsoft Security Blog
https://www.microsoft.com/en-us/security/blog
-
🛡️ The single most important security recommendation for a company thinking about becoming cloud-agnostic? Establish a centralized cloud-security governance framework. Download the PDF for more insights like this: https://msft.it/6049YGWlv #Multicloud #CNAPP
-
Research published by Microsoft in collaboration with OpenAI exposes early-stage activity—including attempted misuse of large language models and fraud—from known threat actors. Details at: https://msft.it/6046YGmUp #ThreatIntelligence #SecurityInsider
-
🎙️️ Host Sarah Young chats with Mark Kendrick and Yaniv Shasha about how Copilot for Security works, including choosing plugins and custom integrations like Logic Apps. Register for the webinar: https://msft.it/6046YGmeg
-
Microsoft Security reposted this
The countdown to RSA Conference has begun! I’m excited to join my dear friend, Charlie Bell, for Microsoft’s pre-day kick-off event ahead of RSA, where we will discuss the latest security innovations in the age of AI. Register today to learn more about how AI can transform your security posture. I hope to see you all there! 🩷 https://lnkd.in/giK-f2mG
-
With rising cyberthreats and limited resources, organizations need to adapt continuously. Be future-ready by modernizing your security operations center with Microsoft Sentinel—a cloud-based, AI-powered security information and event management solution. Get the infographic to learn more: https://msft.it/6040YGc0O
-
Microsoft Security reposted this
Yesterday we had a great discussion about CNAPP during the SANS Security Event. Let's expand this discussion by watching the latest episode of Defender for Cloud in the Field. In this episode, my friend Miri Herszfang joins me to cover this topic. https://lnkd.in/gmkJZXMZ #cnapp #microsoft #cloudsecurity #codetocloud #posturemanagement #cspm #cybersecurity
Microsoft CNAPP Solution | Defender for Cloud in the Field #48
https://www.youtube.com/
-
Microsoft Security reposted this
In the first quarter of 2024, established ransomware families like Akira, Lockbit, Play, and Phobos were still the most predominantly used in attacks observed by Microsoft. This period also saw the resurgence of Qakbot, which was observed leading to Basta deployments. Meanwhile, newer families like Knight/Ransomhub, INC, and Hunters International were also observed. Microsoft now tracks 75 active ransomware families. Meanwhile, Microsoft tracks more than 120 ransomware threat actors, including nation-state actors and cybercrime groups.
These threat actors continue to exploit vulnerabilities in various software and services to gain initial access, including Mirth Connect (CVE-2023-37679 and CVE-2023-43208), ConnectWise ScreenConnect (CVE-2024-1709 and CVE-2024-1708), JetBrains TeamCity (CVE-2024-27198 and CVE-2024-27199), and Fortinet FortiClient EMS (CVE-2023-48788). Notably, the threat actor Storm-1175, known for deploying Medusa ransomware, was observed exploiting all these vulnerabilities to obtain initial access.
Among ransomware threat actors, Octo Tempest continues to be especially prolific, using a broad range of advanced social engineering methods, including SIM swapping, tricking targets into updating authentication methods, and initiating password reset requests, to gain access to highly privileged accounts. Octo Tempest is known for deploying BlackCat ransomware for extortion.
Post-compromise, many ransomware actors rely on abusing remote monitoring and management (RMM) tools. They also continue to attempt tampering with security products using malware, publicly available software, or custom malicious scripts and commands. A tampering technique that is particularly popular among financially motivated actors is Bring Your Own Vulnerable Driver (BYOVD).
Applying the principle of least privilege and building credential hygiene are crucial for durable defense against ransomware.
Deploying security solutions that provide unified visibility into the end-to-end cyberattack chain, including initial access techniques like exploitation of vulnerabilities and post-compromise behavior like abuse of remote management tools and BYOVD, is key to in-depth protection against ransomware. https://msft.it/6049YDw1v
Ransomware and extortion
learn.microsoft.com