Learn more about AI-powered security directly from our leaders. Join us at #RSAC for Microsoft Pre-Day to get strategic guidance for CISOs, product innovations, fireside chats, and more. Connect with us here: https://msft.it/6041c0k9Z #GenAI
Microsoft Security
IT Services and IT Consulting
Protecting people and data against cyberthreats to give you peace of mind
About us
A new era of cybersecurity is here. Explore Microsoft Copilot for Security today.
- Website: https://www.microsoft.com/en-us/security/business/ai-machine-learning/microsoft-copilot-security
- Industry: IT Services and IT Consulting
- Company size: 10,001+ employees
- Headquarters: Seattle
- Specialties: Security, Information protection, Identity, Compliance, Zero Trust, Remote Work, Threat protection, Access management, Microsoft Azure, Microsoft 365, Cloud app security, Secure application development, MCAS, CASB, Cloud access, Machine learning, and Cybersecurity
Updates
-
Microsoft Security reposted this
Yesterday we had a great discussion about CNAPP during the SANS Security Event. Let's expand this discussion by watching the latest episode of Defender for Cloud in the Field. In this episode, my friend Miri Herszfang joins me to cover this topic. https://lnkd.in/gmkJZXMZ #cnapp #microsoft #cloudsecurity #codetocloud #posturemanagement #cspm #cybersecurity
Microsoft CNAPP Solution | Defender for Cloud in the Field #48
https://www.youtube.com/
-
Microsoft Security reposted this
In the first quarter of 2024, established ransomware families like Akira, Lockbit, Play, and Phobos were still the most predominantly used in attacks observed by Microsoft. This period also saw the resurgence of Qakbot, which was observed leading to Basta deployments. Meanwhile, newer families like Knight/Ransomhub, INC, and Hunters International were also observed.

Microsoft now tracks 75 active ransomware families. Meanwhile, Microsoft tracks more than 120 ransomware threat actors, including nation-state actors and cybercrime groups. These threat actors continue to exploit vulnerabilities in various software and services to gain initial access, including Mirth Connect (CVE-2023-37679 and CVE-2023-43208), ConnectWise ScreenConnect (CVE-2024-1709 and CVE-2024-1708), JetBrains TeamCity (CVE-2024-27198 and CVE-2024-27199), and Fortinet FortiClient EMS (CVE-2023-48788). Notably, China-based threat actor Storm-1175, known for deploying Medusa ransomware, was observed exploiting all these vulnerabilities to obtain initial access.

Among ransomware threat actors, Octo Tempest continues to be especially prolific, using a broad range of advanced social engineering methods, including SIM swapping, tricking targets into updating authentication methods, and initiating password reset requests, to gain access to highly privileged accounts. Octo Tempest is known for deploying BlackCat ransomware for extortion.

Post-compromise, many ransomware actors rely on abusing remote monitoring and management (RMM) tools. They also continue to attempt tampering with security products using malware, publicly available software, or custom malicious scripts and commands. A tampering technique that is particularly popular among financially motivated actors is Bring Your Own Vulnerable Driver (BYOVD).

Applying the principle of least privilege and building credential hygiene are crucial for durable defense against ransomware. Deploying security solutions that provide unified visibility into the end-to-end cyberattack chain, including initial access techniques like exploitation of vulnerabilities and post-compromise behavior like abuse of remote management tools and BYOVD, is key to in-depth protection against ransomware. https://msft.it/6049YDw1v
Ransomware and extortion
learn.microsoft.com
-
🛡️ Security professionals are addressing insider risks head-on. Learn how you can protect your organization from both internal and external cyberthreats using strategies from a multinational survey of over 500 data security experts. Download our e-book to get started: https://msft.it/6043Y8Fvv #InsiderRisk
-
In support of the Department of Defense's Zero Trust Strategy, we're releasing activity-level guidance on how Microsoft cloud services can be used to implement Zero Trust for Department Components and the Defense Industrial Base. Read more here: https://msft.it/6043YB4OW #ZeroTrust #Multicloud
New Microsoft guidance for the DoD Zero Trust Strategy | Microsoft Security Blog
https://www.microsoft.com/en-us/security/blog
-
Connect with us at this year's #RSAC in San Francisco from May 6-9, 2024. Learn how to secure and govern AI by end-to-end protection with Microsoft Copilot for Security and other solutions across the Microsoft Security portfolio. https://msft.it/6046YBN9j #GenAI
-
Heading to #RSAC this year? Register for Microsoft Pre-Day to learn more about AI-powered security directly from our security leaders. AI-first, end-to-end security for all. Register now: https://msft.it/6048YBaqe
-
We're proud that Microsoft Entra has been recognized as a Leader in the Forrester Wave™: Workforce Identity Platforms, Q1 2024 report. Learn how we've evolved our solutions to meet the needs of users and integrate advanced technology, such as generative AI: https://msft.it/6043chtSh
-
63% of reported data breaches stem from inadvertent or malicious insiders with access to sensitive information. Announcing Adaptive Protection—now integrated with Conditional Access—to mitigate insider risk levels. Learn more: https://msft.it/6047cA2pT #DataSecurity
The dynamic duo for your data security – Adaptive Protection integration with Conditional Access
techcommunity.microsoft.com
-
Threat actors know how to manipulate emotions. Making you feel fearful, guilty, or angry can give cyberattackers an upper hand—learn how: https://msft.it/6045cfhwZ #ThreatIntelligence #SecurityInsider