This blog wraps up the day in the life of a SOC analyst on the investigation team with insights on remediating incidents, post-incident cleanup, and impact of COVID-19 on the SOC. This is the sixth blog post in the series.
The post Lessons learned from the Microsoft SOC—Part 3c: A day in the life part 2 appeared first on Microsoft Security. READ MORE HERE…
Learn how the Microsoft Security Assurance and Vulnerability Research team secures critical products.
The post Mitigating vulnerabilities in endpoint network stacks appeared first on Microsoft Security. READ MORE HERE…
Today we are excited to announce the general availability of Microsoft 365 Records Management, which can help organizations to secure and govern their most critical data.
The post Data governance matters now more than ever appeared first on Microsoft Security. READ MORE HERE…
Multiple ransomware groups that have been accumulating access and maintaining persistence on target networks for several months activated dozens of ransomware deployments in the first two weeks of April 2020.
The post Ransomware groups continue to target healthcare, critical services; here’s how to reduce risk appeared first on Microsoft Security. READ MORE HERE…
By working with governments, trade organizations, and suppliers, the utility industry can improve security across the supply chain.
The post Defending the power grid against supply chain attacks: Part 3 – Risk management strategies for the utilities industry appeared first on Microsoft Security. READ MORE HERE…
Our threat intelligence shows that COVID-19 themed threats are retreads of existing attacks that have been slightly altered to tie to the pandemic. We’re seeing a changing of lures, not a surge in attacks. These attacks are settling into the normal ebb and flow of the threat environment.
The post Microsoft shares new threat intelligence, security guidance during global crisis appeared first on Microsoft Security. READ MORE HERE…
Microsoft identified several dozens of hospitals with vulnerable gateway and VPN appliances. We sent these hospitals a first-of-its-kind notification with important info about the vulnerabilities, how attackers can take advantage of them, and a strong recommendation to apply security updates.
The post Microsoft works with healthcare organizations to protect from popular ransomware during COVID-19 crisis: Here’s what to do appeared first on Microsoft Security. READ MORE HERE…
Astaroth is back sporting significant changes. The updated attack chain maintains Astaroth’s complex, multi-component nature and continues its pattern of detection evasion.
The post Latest Astaroth living-off-the-land attacks are even more invisible but not less observable appeared first on Microsoft Security. READ MORE HERE…
Behavioral blocking and containment capabilities leverage multiple Microsoft Defender ATP components and features to immediately stop attacks before they can progress. We have expanded these capabilities to get even broader visibility into malicious behavior by using a rapid protection loop engine that leverages endpoint and detection response (EDR) sensors.
The post Behavioral blocking and containment: Transforming optics into protection appeared first on Microsoft Security. READ MORE HERE…
In human-operated ransomware attacks, adversaries exhibit extensive knowledge of systems administration and common network security misconfigurations, perform thorough reconnaissance, and adapt to what they discover in a compromised network.
The post Human-operated ransomware attacks: A preventable disaster appeared first on Microsoft Security. READ MORE HERE…