Microsoft maintains a continuous effort to protect its platforms and customers from fraud and abuse. This edition of Cyber Signals takes you inside the work underway and important milestones achieved that protect customers.
Microsoft is proud to be recognized as a Leader in The Forrester Waveâ„¢: Zero Trust Platform Providers, Q3 2023 report.
Since February 2023, Microsoft has observed a high volume of password spray attacks attributed to Peach Sandstorm, an Iranian nation-state group. In a small number of cases, Peach Sandstorm successfully authenticated to an account and used a combination of publicly available and custom tools for persistence, lateral movement, and exfiltration.
A set of memory corruption vulnerabilities in the ncurses library could have allowed attackers to chain the vulnerabilities to elevate privileges and run code in the targeted program's context or perform other malicious actions.
The threat actor that Microsoft tracks as Storm-0324 is a financially motivated group known to gain initial access using email-based initial infection vectors and then hand off access to compromised networks to other threat actors.
Microsoft Security Experts are now available to strengthen your team with managed security services. Learn how to defend against threats with security experts.
We’re announcing the release of a second version of our threat matrix for storage services, a structured tool that assists in identifying and analyzing potential security threats on data stored in cloud storage services.
As the world becomes more data-driven and the privacy landscape continues to evolve, the need to take a proactive privacy approach increases. Here's how Microsoft Priva can help.
China-based actor Flax Typhoon is exploiting known vulnerabilities for public-facing servers, legitimate VPN software, and open-source malware to gain access to Taiwanese organizations, but not taking further action.
Microsoft Incident Response is a global team comprised of cybersecurity experts with deep, highly specialized knowledge in breach detection, response, and recovery.
Microsoft Sentinel is a cloud-native SIEM solution powered by AI and automation that delivers intelligent security analytics across your entire enterprise.
Microsoft researchers identified multiple high-severity vulnerabilities in the CODESYS V3 SDK that could put operational technology (OT) infrastructure at risk of attacks, such as remote code execution (RCE) and denial of service (DoS).
Gain greater visibility into your multicloud environments to better understand your security posture, minimize risk, and detect and respond to threats in real time.
Microsoft Defender is our toolset for prevention and mitigation of data exfiltration and ransomware attacks. Microsoft Purview data security offers important mitigations as well and should be used as part of a defense-in-depth strategy.
As IT environments become more complex and multilayered to combat cybersecurity attacks, authentication processes for applications, operating systems, and workplace locations are increasingly managed in silos. Axiad Cloud and Microsoft Entra ID help to strengthen security perimeters by provisioning and managing phishing-resistant, passwordless credentials.
