15 Dicembre 2023
Patching Perforce perforations: Critical RCE vulnerability discovered in Perforce Helix Core Server

Microsoft discovered, responsibly disclosed, and helped remediate four vulnerabilities that could be remotely exploited by unauthenticated attackers in Perforce Helix Core Server (“Perforce Server”), a source code management platform largely used in the videogame industry and by multiple organizations spanning government, military, technology, retail, and more. Perforce Server[…]

Read More
12 Dicembre 2023
Threat actors misuse OAuth applications to automate financially driven attacks

Threat actors are misusing OAuth applications as an automation tool in financially motivated attacks. OAuth is an open standard for token-based authentication and authorization that enables applications to get access to data and resources based on permissions set by a user. Threat actors compromise user accounts to create,[…]

Read More
12 Dicembre 2023
Strengthening identity protection in the face of highly sophisticated attacks

The post Strengthening identity protection in the face of highly sophisticated attacks appeared first on Microsoft Security Blog. Source: Microsoft Security

Read More
11 Dicembre 2023
New Microsoft Incident Response team guide shares best practices for security teams and leaders

As enterprise networks grow in both size and complexity, securing them from motivated cyberthreat actors becomes more challenging. The incident response process can be a maze that security professionals must quickly learn to navigate—which is no easy task. Surprisingly, many organizations still lack a coordinated incident response plan,[…]

Read More
7 Dicembre 2023
New Microsoft Purview features use AI to help secure and govern all your data

In the past few years, we have witnessed how digital and cloud transformation has accelerated the growth of data. With more and more customers moving to the cloud, and with the rise of hybrid work, data usage has moved beyond the traditional borders of business. Data is now[…]

Read More
7 Dicembre 2023
Star Blizzard increases sophistication and evasion in ongoing attacks

Microsoft Threat Intelligence continues to track and disrupt malicious activity attributed to a Russian state-sponsored actor we track as Star Blizzard (formerly SEABORGIUM, also known as COLDRIVER and Callisto Group). Star Blizzard has improved their detection evasion capabilities since 2022 while remaining focused on email credential theft against[…]

Read More
6 Dicembre 2023
Microsoft Security Copilot drives new product integrations at Microsoft Ignite to empower security and IT teams

First announced in March 2023, Microsoft Security Copilot—Microsoft’s first generative AI security product—has sparked major interest. The widespread enthusiasm was on full display after announcing our Early Access Program in October 2023 and sharing our incredible Security Copilot innovations at Microsoft Ignite in November 2023. With the rapid[…]

Read More
5 Dicembre 2023
Microsoft Incident Response lessons on preventing cloud identity compromise

Microsoft observed a surge in cyberattacks targeting identities in 2023, with attempted password-based attacks increasing by more than tenfold in the first quarter of 2023 compared to the same period in 2022. Threat actors leverage compromised identities to achieve a significant level of access to target networks. The[…]

Read More
5 Dicembre 2023
3 reasons why now is the time to go cloud native for device management

The post 3 reasons why now is the time to go cloud native for device management appeared first on Microsoft Security Blog. Source: Microsoft Security

Read More
5 Dicembre 2023
Accelerate developer productivity with Microsoft Power Platform

Microsoft Power Platform developer tools are enabling professional developers to create more effective business solutions using Power Platform than ever before. Development is faster, applications are more secure, and deployed within managed environments that have guardrails applying organizational policies and promoting best practices. You can quickly:  Create low-code[…]

Read More