Guidance for investigating attacks using CVE-2023-23397

Credit to Author: Microsoft Security Threat Intelligence – Editor | Date: Fri, 24 Mar 2023 18:30:00 +0000

This guide provides steps organizations can take to assess whether users have been targeted or compromised by threat actors exploiting CVE-2023-23397.

The post Guidance for investigating attacks using CVE-2023-23397 appeared first on Microsoft Security Blog.


Microsoft Security tips for mitigating risk in mergers and acquisitions

Credit to Author: Christine Barrett | Date: Wed, 02 Nov 2022 16:00:00 +0000

Mergers and acquisitions can be challenging. Microsoft’s Security Experts share what to ask before, during, and after one to secure identity, access control, and communications.

The post Microsoft Security tips for mitigating risk in mergers and acquisitions appeared first on Microsoft Security Blog.


The art and science behind Microsoft threat hunting: Part 1

Credit to Author: Christine Barrett | Date: Thu, 08 Sep 2022 16:00:00 +0000

At Microsoft, we define threat hunting as the practice of actively looking for cyberthreats that have covertly (or not so covertly) penetrated an environment. This involves looking beyond the known alerts or malicious threats to discover new potential threats and vulnerabilities.

The post The art and science behind Microsoft threat hunting: Part 1 appeared first on Microsoft Security Blog.


Ghost in the shell: Investigating web shell attacks

Credit to Author: Eric Avena | Date: Tue, 04 Feb 2020 17:30:40 +0000

Web shell attacks allow adversaries to run commands and steal data from an Internet-facing server or use the server as a launch pad for further attacks against the affected organization.

The post Ghost in the shell: Investigating web shell attacks appeared first on Microsoft Security.


Ransomware response—to pay or not to pay?

Credit to Author: Todd VanderArk | Date: Mon, 16 Dec 2019 17:00:07 +0000

As part of Microsoft’s Detection and Response Team (DART) Incident Response engagements, we regularly get asked by customers about “paying the ransom” following a ransomware attack.

The post Ransomware response—to pay or not to pay? appeared first on Microsoft Security.


Protect against BlueKeep

Credit to Author: Todd VanderArk | Date: Thu, 08 Aug 2019 16:00:57 +0000

DART offers steps you can take to protect your network from BlueKeep, the “wormable” vulnerability that can create a large-scale outbreak due to its ability to replicate and propagate.

The post Protect against BlueKeep appeared first on Microsoft Security.
