cybersecurity

MicrosoftSecurity

Microsoft contributes S2C2F to OpenSSF to improve supply chain security

Credit to Author: Emma Jones| Date: Wed, 16 Nov 2022 18:00:00 +0000

We are pleased to announce that the S2C2F has been adopted by the OpenSSF under the Supply Chain Integrity Working Group and formed into its own Special Initiative Group. Our peers at the OpenSSF and across the globe agree with Microsoft when it comes to how fundamental this work is to improving supply chain security for everyone.

The post Microsoft contributes S2C2F to OpenSSF to improve supply chain security appeared first on Microsoft Security Blog.

Read More
MicrosoftSecurity

Token tactics: How to prevent, detect, and respond to cloud token theft

Credit to Author: Paul Oliveria| Date: Wed, 16 Nov 2022 16:00:00 +0000

As organizations increase their coverage of multifactor authentication (MFA), threat actors have begun to move to more sophisticated techniques to allow them to compromise corporate resources without needing to satisfy MFA. Recently, the Microsoft Detection and Response Team (DART) has seen an increase in attackers utilizing token theft for this purpose.

The post Token tactics: How to prevent, detect, and respond to cloud token theft appeared first on Microsoft Security Blog.

Read More
MicrosoftSecurity

2022 holiday DDoS protection guide

Credit to Author: Paul Oliveria| Date: Tue, 15 Nov 2022 18:00:00 +0000

The holiday season is an exciting time for many people as they get to relax, connect with friends and family, and celebrate traditions. Organizations also have much to rejoice about during the holidays (for example, more sales for retailers and more players for gaming companies). Unfortunately, cyber attackers also look forward to this time of year to celebrate an emerging holiday tradition—distributed denial-of-service (DDoS) attacks.

The post 2022 holiday DDoS protection guide appeared first on Microsoft Security Blog.

Read More
MicrosoftSecurity

Simplify privacy protection with Microsoft Priva Subject Rights Requests

Credit to Author: Christine Barrett| Date: Thu, 10 Nov 2022 17:00:00 +0000

With an ever-changing privacy landscape, taking a proactive privacy approach is key to building privacy resilience. In this blog, learn how Microsoft Priva Subject Rights Requests and its newest update right to be forgotten can help organizations meet their regulatory requirements.

The post Simplify privacy protection with Microsoft Priva Subject Rights Requests appeared first on Microsoft Security Blog.

Read More
MicrosoftSecurity

Microsoft Defender Experts for Hunting demonstrates industry-leading protection in the 2022 MITRE Engenuity ATT&CK® Evaluations for Managed Services

Credit to Author: Christine Barrett| Date: Wed, 09 Nov 2022 15:00:00 +0000

Microsoft Defender Experts for Hunting, our newest managed threat hunting service, delivered top-class results during the inaugural MITRE Engenuity ATT&CK® Evaluations for Managed Services. Defender Experts for Hunting provided a seamless, comprehensive, and rapid response to the simulated attack using expert-led threat hunting and an industry-leading platform—Microsoft 365 Defender.

The post Microsoft Defender Experts for Hunting demonstrates industry-leading protection in the 2022 MITRE Engenuity ATT&CK® Evaluations for Managed Services appeared first on Microsoft Security Blog.

Read More
MicrosoftSecurity

Stopping C2 communications in human-operated ransomware through network protection

Credit to Author: Katie McCafferty| Date: Thu, 03 Nov 2022 16:00:00 +0000

Providing advanced protection against increasingly sophisticated human-operated ransomware, Microsoft Defender for Endpoint’s network protection leverages threat intelligence and machine learning to block command-and-control (C2) communications.

The post Stopping C2 communications in human-operated ransomware through network protection appeared first on Microsoft Security Blog.

Read More