7 Dicembre 2022
Mitigate threats with the new threat matrix for Kubernetes

Today, we are glad to release the third version of the threat matrix for Kubernetes, an evolving knowledge base for security threats that target Kubernetes clusters. The matrix, first released by Microsoft in 2020, was the first attempt to systematically cover the attack landscape of Kubernetes. Since then,[…]

Read More
6 Dicembre 2022
DEV-0139 launches targeted attacks against the cryptocurrency industry

Over the past several years, the cryptocurrency market has considerably expanded, gaining the interest of investors and threat actors. Cryptocurrency itself has been used by cybercriminals for their operations, notably for ransom payment in ransomware attacks, but we have also observed threat actors directly targeting organizations within the[…]

Read More
30 Novembre 2022
Implementing Zero Trust access to business data on BYOD with Trustd MTD and Microsoft Entra

This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA.  As more employees work remotely on a variety of devices and networks, businesses need a security model that supports this new operational efficiency. An expanding perimeter poses challenges for organizational security, exposing[…]

Read More
28 Novembre 2022
Forrester TEI highlights 3 benefits of Power Platform premium capabilities

Microsoft Power Platform recently commissioned a Forrester Total Economic Impact study to help customers better understand the value of Microsoft Power Platform premium capabilities. This study expounds on how premium capabilities empower enterprises to unlock more business value using the platform.The study accomplishes this by highlighting three key[…]

Read More
22 Novembre 2022
Microsoft supports the DoD’s Zero Trust strategy

The Department of Defense (DoD) released its formal Zero Trust strategy today, marking a major milestone in its goal of achieving enterprise-wide implementation by 2027. The strategy comes at a critical time as United States government networks continue to face nearly half the global nation-state attacks that occur,[…]

Read More
22 Novembre 2022
Join us at InfoSec Jupyterthon 2022

Notebooks are gaining popularity in InfoSec. Used interactively for investigations and hunting or as scheduled processing jobs, notebooks offer plenty of advantages over traditional security operations center (SOC) tools. Sitting somewhere between scripting/macros and a full-blown development environment, they offer easy entry to data analyses and visualizations that[…]

Read More
22 Novembre 2022
Vulnerable SDK components lead to supply chain risks in IoT and OT environments

Vulnerabilities in network components, architecture files, and developer tools have become increasingly popular attack vectors to gain access into secure networks and devices. External tools and products that are managed by vendors and developers can pose a security risk, especially to targets in sensitive industries. Attacks on software[…]

Read More
17 Novembre 2022
DEV-0569 finds new ways to deliver Royal ransomware, various payloads

Recent activity from the threat actor that Microsoft tracks as DEV-0569, known to distribute various payloads, has led to the deployment of the Royal ransomware, which first emerged in September 2022 and is being distributed by multiple threat actors. Observed DEV-0569 attacks show a pattern of continuous innovation,[…]

Read More
16 Novembre 2022
Microsoft contributes S2C2F to OpenSSF to improve supply chain security

On August 4, 2022, Microsoft publicly shared a framework that it has been using to secure its own development practices since 2019, the Secure Supply Chain Consumption Framework (S2C2F), previously the Open Source Software-Supply Chain Security (OSS-SSC) Framework. As a massive consumer of and contributor to open source,[…]

Read More
16 Novembre 2022
Token tactics: How to prevent, detect, and respond to cloud token theft

As organizations increase their coverage of multifactor authentication (MFA), threat actors have begun to move to more sophisticated techniques to allow them to compromise corporate resources without needing to satisfy MFA. Recently, the Microsoft Detection and Response Team (DART) has seen an increase in attackers utilizing token theft[…]

Read More