Microsoft Ignite: Sessions and demos to improve your security strategy
Join us at Microsoft Ignite 2024 for sessions, keynotes, and networking aimed at giving you tools and strategies to put security first in your organization.
In this blog post, read how Microsoft Incident Response leverages three types of threat intelligence to enhance incident response scenarios.
Between April and July 2024, Microsoft observed Iranian state-sponsored threat actor Peach Sandstorm deploying a new custom multi-stage backdoor, which we named Tickler. Tickler has been used in attacks against targets in the satellite, communications equipment, oil and gas, as well as federal and state government sectors in the United States and the United Arab […]
United States Government agencies are adopting Microsoft Entra ID to consolidate siloed identity solutions, reduce operational complexity, and improve control and visibility across all users.
The Microsoft AI Tour is coming to a city near you. Join a free, one-day tour event to learn how we are making AI deployment more secure.
The IDC Worldwide Corporate Endpoint Security Market Shares report for 2023 ranks Microsoft number one in market share with a 40.7% increase in share over last year.
Microsoft researchers found multiple vulnerabilities in OpenVPN that could lead to an attack chain allowing remote code execution and local privilege escalation. This attack chain could enable attackers to gain full control over targeted endpoints, potentially resulting in data breaches, system compromise, and unauthorized access to sensitive information.
Both Microsoft and the National Institute of Standards and Technology (NIST) National Cybersecurity Center of Excellence (NCCoE) have translated the Zero Trust Architecture (ZTA) and Security Model into practical and actionable deployment. In this blog post, we explore details of their collaboration on a Zero Trust (ZT) implementation and what this learning pathway means for your organization.
In our newly released whitepaper, we share strategies to prepare for the top data challenges and new data security needs in the age of AI.
Microsoft Security researchers have observed a vulnerability used by various ransomware operators to get full administrative access to domain-joined ESXi hypervisors and encrypt the virtual machines running on them. The vulnerability involves creating a group called “ESX Admins” in Active Directory and adding an attacker-controlled user account to this group. This manipulation of the Active Directory group takes advantage of a privilege escalation vulnerability (CVE-2024-37085) in ESXi hypervisors that grants the added user full administrative access to the ESXi hypervisor. The vulnerability was fixed by VMware in their June release and ESXi administrators should install this security update.
We examine the recent CrowdStrike outage and provide a technical overview of the root cause.