Security Intelligence Archives - Page 7 of 8 - ThreatsHub Cybersecurity News

Dismantling a fileless campaign: Microsoft Defender ATP next-gen protection exposes Astaroth attack

July 8, 2019 TH Author AI and machine learning, Antimalware Scan Interface (AMSI), Astaroth, behavior monitoring, Command-line scanning, Cybersecurity, Endpoint security, Execution stage, fileless, fileless malware, heuristics, Initial access stage, living-off-the-land, Microsoft Defender ATP, Security Intelligence, Threat protection, Windows Defender Antivirus, Windows Security, WMIC

Advanced technologies in Microsoft Defender ATP next-generation protection exposed and defeated a widespread fileless campaign that completely “lived off the land” throughout a complex attack chain that run the info-stealing backdoor Astaroth directly in memory
The post Dismantling a fileless campaign: Microsoft Defender ATP next-gen protection exposes Astaroth attack appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

Microsoft’s Threat & Vulnerability Management now helps thousands of customers to discover, prioritize, and remediate vulnerabilities in real time

July 2, 2019 TH Author Cybersecurity, Endpoint security, Microsoft Defender ATP, Security Intelligence, Threat and Vulnerability Management, Threat protection, TVM, Windows Security

Microsoft’s Threat & Vulnerability Management solution is generally available as of June 30! We have been working closely with customers for more than a year to incorporate their real needs and feedback to better address vulnerability management. Our goal is to empower defenders with the tools they need to better protect against evolving threats, and we believe this solution will help provide that additional visibility and agility they need.
The post Microsoft’s Threat & Vulnerability Management now helps thousands of customers to discover, prioritize, and remediate vulnerabilities in real time appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

Lessons learned from the Microsoft SOC Part 2b: Career paths and readiness

June 6, 2019 TH Author CISO series, Ciso series page, incident response, Security Intelligence, Threat protection

In our second post about people—our most valuable resource in the SOC—we talk about our investments into readiness programs, career paths, and recruiting for success.
The post Lessons learned from the Microsoft SOC Part 2b: Career paths and readiness appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

Defend your digital landscape with Microsoft 365

April 17, 2019 TH Author Cybersecurity Policy, Microsoft 365, Security Intelligence

Detect a security breach in real-time and respond immediately to reduce damage. Read our latest e-book, “Defend your digital landscape,” to find out how.
The post Defend your digital landscape with Microsoft 365 appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

Forcepoint DLP integration with Microsoft Information Protection—protecting your critical data

April 10, 2019 TH Author Information/data protection, Microsoft 365, Security Intelligence

Microsoft and Forcepoint are working closely to develop an integrated solution that makes it easy to discover, classify, label, and protect critical business data.
The post Forcepoint DLP integration with Microsoft Information Protection—protecting your critical data appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

Building the security operations center of tomorrow—better insights with compound detection

April 10, 2019 TH Author Azure Security, Security Intelligence

Learn how compound detection can help you apply the law of data gravity and correlate insights across your security platforms.
The post Building the security operations center of tomorrow—better insights with compound detection appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

Analysis of a targeted attack exploiting the WinRAR CVE-2018-20250 vulnerability

April 10, 2019 TH Author Cybersecurity, Endpoint security, Office 365 Security, Security Intelligence

A complex attack chain incorporating the CVE-2018-20250 exploit and multiple code execution techniques attempted to run a fileless PowerShell backdoor that could allow an adversary to take full control of compromised machines.
The post Analysis of a targeted attack exploiting the WinRAR CVE-2018-20250 vulnerability appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

Analysis of cyberattack on U.S. think tanks, non-profits, public sector by unidentified attackers

December 3, 2018 TH Author APT29, CozyBear, Cybersecurity, Defending Democracy Program, Micorosoft AccountGuard, Microsoft Threat Protection, Office 365 ATP, Security Intelligence, Security Response, Windows Defender ATP, YTTRIUM

Reuters recently reported a hacking campaign focused on a wide range of targets across the globe. In the days leading to the Reuters publication, Microsoft researchers were closely tracking the same campaign. Our sensors revealed that the campaign primarily targeted public sector institutions and non-governmental organizations like think tanks and research centers, but also included
Read more
The post Analysis of cyberattack on U.S. think tanks, non-profits, public sector by unidentified attackers appeared first on Microsoft Secure. READ MORE HERE…

Microsoft Secure

Small businesses targeted by highly localized Ursnif campaign

September 6, 2018 TH Author Cybersecurity, Security Intelligence, Security Response

Cyber thieves are continuously looking for new ways to get people to click on a bad link, open a malicious file, or install a poisoned update in order to steal valuable data. In the past, they cast as wide a net as possible to increase the pool of potential victims. But attacks that create a Read more READ MORE HERE…

Microsoft Secure

Building the security operations center of tomorrow—harnessing the law of data gravity

August 30, 2018 TH Author Cybersecurity, Security Intelligence

How can we build the SOC of tomorrow? By respecting the law of data gravity. If we can perform security analytics close to where the data already is, we can increase the speed of response. READ MORE HERE…