Disrupting SEABORGIUM’s ongoing phishing operations

Credit to Author: Microsoft 365 Defender Threat Intelligence Team| Date: Mon, 15 Aug 2022 16:00:00 +0000

The Microsoft Threat Intelligence Center (MSTIC) has observed and taken actions to disrupt campaigns launched by SEABORGIUM in campaigns involve persistent phishing and credential theft campaigns leading to intrusions and data theft.

The post Disrupting SEABORGIUM’s ongoing phishing operations appeared first on Microsoft Security Blog.

Read more

IT security: An opportunity to raise corporate governance scores

Credit to Author: Christine Barrett| Date: Mon, 08 Aug 2022 16:00:00 +0000

Corporate Governance scoring is increasingly important to boards of directors, executive leadership, and the investment community. Governance frameworks now incorporate aspects of IT security. Communicating the security message in ways that impact a company’s governance score is important to getting attention and investment from corporate leadership. This post examines a leading governance framework from Institutional Shareholder Services, Governance QualityScore, and the specifics of how IT security can increase a company’s score.

The post IT security: An opportunity to raise corporate governance scores appeared first on Microsoft Security Blog.

Read more

How IT and security teams can work together to improve endpoint security

Credit to Author: Christine Barrett| Date: Thu, 04 Aug 2022 16:00:00 +0000

The threat landscape has changed over the last few years. A mitigation strategy involves collaboration between the security operations and IT infrastructure teams. There are three best practices to enable collaboration, highlighting the role of endpoint management in helping organizations unify their efforts in this blog.

The post How IT and security teams can work together to improve endpoint security appeared first on Microsoft Security Blog.

Read more

Microsoft Defender Experts for Hunting proactively hunts threats

Credit to Author: Christine Barrett| Date: Wed, 03 Aug 2022 16:00:00 +0000

Microsoft Defender Experts for Hunting is now generally available. The security offering provides a proactive hunting service combining expert-trained technology with human-led services to hunt for threats across Microsoft 365 data.

The post Microsoft Defender Experts for Hunting proactively hunts threats appeared first on Microsoft Security Blog.

Read more

Microsoft announces new solutions for threat intelligence and attack surface management

Credit to Author: Christine Barrett| Date: Tue, 02 Aug 2022 13:00:00 +0000

Defenders are up against the most sophisticated threat landscape we’ve ever seen. Today, we’re proud to execute our threat intelligence vision behind that acquisition and announce several new solutions to help security teams get ahead of adversaries and catch what others miss.

The post Microsoft announces new solutions for threat intelligence and attack surface management appeared first on Microsoft Security Blog.

Read more

Untangling KNOTWEED: European private-sector offensive actor using 0-day exploits

Credit to Author: Microsoft 365 Defender Threat Intelligence Team| Date: Wed, 27 Jul 2022 14:00:00 +0000

MSTIC and MSRC disclose technical details of a private-sector offensive actor (PSOA) tracked as KNOTWEED using multiple Windows and Adobe 0-day exploits, including one for the recently patched CVE-2022-22047, in limited and targeted attacks against European and Central American customers.

The post Untangling KNOTWEED: European private-sector offensive actor using 0-day exploits appeared first on Microsoft Security Blog.

Read more

Malicious IIS extensions quietly open persistent backdoors into servers

Credit to Author: Katie McCafferty| Date: Tue, 26 Jul 2022 17:00:00 +0000

Attackers are increasingly leveraging managed IIS extensions as covert backdoors into servers, providing a durable persistence mechanism for attacks.

The post Malicious IIS extensions quietly open persistent backdoors into servers appeared first on Microsoft Security Blog.

Read more