Join us at Microsoft Ignite 2024 for sessions, keynotes, and networking aimed at giving you tools and strategies to put security first in your organization.
The post Microsoft Ignite: Sessions and demos to improve your security strategy appeared first on Microsoft Security Blog. READ MORE HERE…
Since October 22, 2024, Microsoft Threat Intelligence has observed Russian threat actor Midnight Blizzard sending a series of highly targeted spear-phishing emails to individuals in government, academia, defense, non-governmental organizations, and other sectors. This activity is ongoing, and Microsoft will continue to investigate and provide updates as available. Based on our investigation of previous Midnight […]
The post Midnight Blizzard conducts large-scale spear-phishing campaign using RDP files appeared first on Microsoft Security Blog. READ MORE HERE…
Healthcare organizations are an attractive target for ransomware attacks. Read our latest blog post to learn why and get strategies to protect yourself from cyberthreats.
The post Microsoft Threat Intelligence healthcare ransomware report highlights need for collective industry action appeared first on Microsoft Security Blog. READ MORE HERE…
Microsoft Threat Intelligence uncovered a macOS vulnerability that could potentially allow an attacker to bypass the operating system’s Transparency, Consent, and Control (TCC) technology and gain unauthorized access to a user’s protected data. The vulnerability, which we refer to as “HM Surf”, involves removing the TCC protection for the Safari browser directory and modifying a […]
The post New macOS vulnerability, “HM Surf”, could lead to unauthorized data access appeared first on Microsoft Security Blog. READ MORE HERE…
We must find a way to stem the tide of this malicious cyber activity. That includes continuing to harden our digital domains to protect our networks, data, and people at all levels. However, this challenge will not be accomplished solely by executing a checklist of cyber hygiene measures but only through a focus on and commitment to the foundations of cyber defense from the individual user to the corporate executive and to government leaders.
The post Escalating cyber threats demand stronger global defense and cooperation appeared first on Microsoft Security Blog. READ MORE HERE…
Kerberoasting, a well-known Active Directory (AD) attack vector, enables threat actors to steal credentials and navigate through devices and networks. Microsoft is sharing recommended actions administrators can take now to help prevent successful Kerberoasting cyberattacks.
The post Microsoft’s guidance to help mitigate Kerberoasting appeared first on Microsoft Security Blog. READ MORE HERE…
This edition of Cyber Signals delves into the cybersecurity challenges facing classrooms and campuses, highlighting the critical need for robust defenses and proactive measures. From personal devices to virtual classes and research stored in the cloud, the digital footprint of school districts, colleges, and universities has multiplied exponentially.
The post Cyber Signals Issue 8 | Education under siege: How cybercriminals target our schools appeared first on Microsoft Security Blog. READ MORE HERE…
Since mid-April 2024, Microsoft has observed an increase in defense evasion tactics used in campaigns abusing file hosting services like SharePoint, OneDrive, and Dropbox. These campaigns use sophisticated techniques to perform social engineering, evade detection, and compromise identities, and include business email compromise (BEC) attacks.
The post File hosting services misused for identity phishing appeared first on Microsoft Security Blog. READ MORE HERE…
Forrester found that Microsoft Defender for Cloud markedly enhanced the security, compliance, and operational efficiency of each company participating.
The post Microsoft Defender for Cloud remediated threats 30% faster than other solutions, according to Forrester TEI™ study appeared first on Microsoft Security Blog. READ MORE HERE…
To help our global cyberdefenders, Microsoft has put together the Be Cybersmart Kit, designed to educate everyone, on best practices for going passwordless, not falling for sophisticated phishing or fraud, device protection, AI safety, and more.
The post Cybersecurity Awareness Month: Securing our world—together appeared first on Microsoft Security Blog. READ MORE HERE…