ThreatsHub.org
Join us in November 2024 in Chicago for Microsoft Ignite to connect with industry leaders and learn about our newest solutions and innovations.
The post Join us at Microsoft Ignite 2024 and learn to build a security-first culture with AI appeared first on Microsoft Security Blog. READ MORE HERE…
End-to-end security is a modern, comprehensive approach to data protection that aligns data protection and incident response across devices, systems, and users. Read the blog post to explore why it’s an attractive option for organizations committed to strengthening their cybersecurity.
The post How comprehensive security simplifies the defense of your digital estate appeared first on Microsoft Security Blog. READ MORE HERE…
Microsoft identified a North Korean threat actor exploiting a zero-day vulnerability in Chromium (CVE-2024-7971) to gain remote code execution (RCE) in the Chromium renderer process. Our assessment of ongoing analysis and observed infrastructure attributes this activity to Citrine Sleet, a North Korean threat actor that commonly targets the cryptocurrency sector for financial gain.
The post North Korean threat actor Citrine Sleet exploiting Chromium zero-day appeared first on Microsoft Security Blog. READ MORE HERE…
In this blog post, read how Microsoft Incident Response leverages three types of threat intelligence to enhance incident response scenarios.
The post The art and science behind Microsoft threat hunting: Part 3 appeared first on Microsoft Security Blog. READ MORE HERE…
Between April and July 2024, Microsoft observed Iranian state-sponsored threat actor Peach Sandstorm deploying a new custom multi-stage backdoor, which we named Tickler. Tickler has been used in attacks against targets in the satellite, communications equipment, oil and gas, as well as federal and state government sectors in the United States and the United Arab […]
The post Peach Sandstorm deploys new custom Tickler malware in long-running intelligence gathering operations appeared first on Microsoft Security Blog. READ MORE HERE…
United States Government agencies are adopting Microsoft Entra ID to consolidate siloed identity solutions, reduce operational complexity, and improve control and visibility across all users.
The post How Microsoft Entra ID supports US government agencies in meeting identity security requirements appeared first on Microsoft Security Blog. READ MORE HERE…
The Microsoft AI Tour is coming to a city near you. Join a free, one-day tour event to learn how we are making AI deployment more secure.
The post Microsoft AI Tour: Hear the latest product innovations to elevate your security strategy appeared first on Microsoft Security Blog. READ MORE HERE…
IDC Worldwide Corporate Endpoint Security Market Shares report for 2023 ranks Microsoft number one in market share with a 40.7% increase in share over last year.
The post Microsoft again ranked number one in modern endpoint security market share appeared first on Microsoft Security Blog. READ MORE HERE…
Microsoft researchers found multiple vulnerabilities in OpenVPN that could lead to an attack chain allowing remote code execution and local privilege escalation. This attack chain could enable attackers to gain full control over targeted endpoints, potentially resulting in data breaches, system compromise, and unauthorized access to sensitive information.
The post Chained for attack: OpenVPN vulnerabilities discovered leading to RCE and LPE appeared first on Microsoft Security Blog. READ MORE HERE…
Both Microsoft and the National Institute of Standards and Technology (NIST) National Cyber security Center of Excellence (NCCoE) have translated the Zero Trust Architecture (ZTA) and Security Model into practical and actionable deployment. In this blog post, we explore details of their collaboration on a Zero Trust (ZT) implementation and what this learning pathway means for your organization.
The post How Microsoft and NIST are collaborating to advance the Zero Trust Implementation appeared first on Microsoft Security Blog. READ MORE HERE…