AI innovations for a more secure future unveiled at Microsoft Ignite
Company delivers advances in AI and posture management, unprecedented bug bounty program, and updates on its Secure Future Initiative.
How Microsoft and NIST are collaborating to advance the Zero Trust Implementation
Both Microsoft and the National Institute of Standards and Technology (NIST) National Cyber security Center of Excellence (NCCoE) have translated the Zero Trust Architecture (ZTA) and Security Model into practical and actionable deployment. In this blog post, we explore details of their collaboration on a Zero Trust (ZT) implementation and what this learning pathway means for your organization.
New Microsoft whitepaper shares how to prepare your data for secure AI adoption
In our newly released whitepaper, we share strategies to prepare for the top data challenges and new data security needs in the age of AI.
Ransomware operators exploit ESXi hypervisor vulnerability for mass encryption
Microsoft Security researchers have observed a vulnerability used by various ransomware operators to get full administrative access to domain-joined ESXi hypervisors and encrypt the virtual machines running on them. The vulnerability involves creating a group called “ESX Admins” in Active Directory and adding an attacker-controlled user account to this group. This manipulation of the Active Directory group takes advantage of a privilege escalation vulnerability (CVE-2024-37085) in ESXi hypervisors that grants the added user full administrative access to the ESXi hypervisor. The vulnerability was fixed by VMware in their June release and ESXi administrators should install this security update.
Windows Security best practices for integrating and managing security tools
We examine the recent CrowdStrike outage and provide a technical overview of the root cause.
Retain Microsoft Security Experts
Microsoft Security Experts are now available to strengthen your team with managed security services. Learn how to defend against threats with security experts.
Onyx Sleet uses array of malware to gather intelligence for North Korea
On July 25, 2024, the United States Department of Justice (DOJ) indicted an individual linked to the North Korean threat actor that Microsoft tracks as Onyx Sleet. Microsoft Threat Intelligence collaborated with the Federal Bureau of Investigation (FBI) in tracking activity associated with Onyx Sleet. We will continue to closely monitor Onyx Sleet’s activity to assess changes following the indictment.
Zero Trust in the Age of AI: Join our online event to learn how to strengthen your security posture
Register for the “Zero Trust in the Age of AI” webcast to learn more about how our new capabilities in identity and network access and security operations make it easier to implement Zero Trust across your entire environment.
Connect with Microsoft Security at Black Hat USA 2024
Join Microsoft Security leaders and other security professionals from around the world at Black Hat USA 2024 to learn the latest information on security in the age of AI, cybersecurity protection, threat intelligence insights, and more.
Microsoft Purview Data Governance will be generally available September 1, 2024
Microsoft Purview Data Governance will become generally available to enterprise customers on September 1, 2024. It helps today’s data leaders solve their key data governance and security challenges in one unified AI-powered and business-friendly solution.
Modernize your Security Operations Center with Microsoft Sentinel
Microsoft Sentinel is a cloud-native SIEM solution powered by AI and automation that delivers intelligent security analytics across your entire enterprise.
Simplified Zero Trust security with the Microsoft Entra Suite and unified security operations platform, now generally available
Microsoft is announcing the Microsoft Entra Suite and the unified security operations platform, two innovations that simplify the implementation of your Zero Trust security strategy.
Vulnerabilities in PanelView Plus devices could lead to remote code execution
Microsoft discovered and responsibly disclosed two vulnerabilities in Rockwell’s PanelView Plus that could be remotely exploited by unauthenticated attackers, allowing them to perform remote code execution (RCE) and denial-of-service (DoS). PanelView Plus devices are graphic terminals, which are known as human machine interface (HMI) and are used in the industrial space.