HAFNIUM targeting Exchange Servers with 0-day exploits

Credit to Author: Eric Avena| Date: Tue, 02 Mar 2021 21:07:53 +0000

Microsoft has detected multiple 0-day exploits being used to attack on-premises versions of Microsoft Exchange Server in limited and targeted attacks. In the attacks observed, threat actors used these vulnerabilities to access on-premises Exchange servers, which enabled access to email accounts and the installation of additional malware to facilitate long-term access to victim environments. Microsoft Threat Intelligence Center (MSTIC) attributes this campaign with high confidence to HAFNIUM.

The post HAFNIUM targeting Exchange Servers with 0-day exploits appeared first on Microsoft Security.


Microsoft open sources CodeQL queries used to hunt for Solorigate activity

Credit to Author: Eric Avena| Date: Thu, 25 Feb 2021 16:00:47 +0000

We are sharing the CodeQL queries that we used to analyze our source code at scale and rule out the presence of the code-level indicators of compromise (IoCs) and coding patterns associated with Solorigate so that other organizations may perform a similar analysis.

The post Microsoft open sources CodeQL queries used to hunt for Solorigate activity appeared first on Microsoft Security.


ZINC attacks against security researchers

Credit to Author: Eric Avena| Date: Thu, 28 Jan 2021 17:00:55 +0000

In recent months, Microsoft has detected cyberattacks targeting security researchers by an actor we track as ZINC. Observed targeting includes pen testers, private offensive security researchers, and employees at security and tech companies.

The post ZINC attacks against security researchers appeared first on Microsoft Security.


Using Zero Trust principles to protect against sophisticated attacks like Solorigate

Credit to Author: Lauren Goodwin| Date: Tue, 19 Jan 2021 22:30:50 +0000

The Solorigate supply chain attack has captured the focus of the world over the last month. This attack was simultaneously sophisticated and ordinary. The actor demonstrated sophistication in the breadth of tactics used to penetrate, expand across, and persist in affected infrastructure, but many of the tactics, techniques, and procedures (TTPs) were individually ordinary. Companies…

The post Using Zero Trust principles to protect against sophisticated attacks like Solorigate appeared first on Microsoft Security.


Privacy breaches: Using Microsoft 365 Advanced Audit and Advanced eDiscovery to minimize impact

Credit to Author: Teri Seals-Dormer| Date: Wed, 06 Jan 2021 17:00:09 +0000

GDPR, HIPAA, GLBA, all 50 U.S. states, and many countries have privacy breach reporting requirements. If an organization experiences a breach of relevant regulatory information, it must report it within the required time frame. The size and scope of this reporting effort can be massive. Using Microsoft 365 Advanced Audit and Advanced eDiscovery to better understand the scope of the breach can minimize the burden on customers as well as the financial and reputational cost to the organization.

The post Privacy breaches: Using Microsoft 365 Advanced Audit and Advanced eDiscovery to minimize impact appeared first on Microsoft Security.


Forcepoint and Microsoft: Risk-based access control for the remote workforce

Credit to Author: Teri Seals-Dormer| Date: Mon, 04 Jan 2021 17:00:11 +0000

Forcepoint integrates with Azure Active Directory conditional access policies based on an individual’s dynamically calculated risk level.

The post Forcepoint and Microsoft: Risk-based access control for the remote workforce appeared first on Microsoft Security.


A “quick wins” approach to securing Azure Active Directory and Office 365 and improving your security posture

Credit to Author: Lauren Goodwin| Date: Thu, 17 Dec 2020 21:00:56 +0000

This blog post will explain simple Microsoft security defaults and Secure Score—two features you should take advantage of that are easy to utilize and can significantly improve security in Azure AD and Office 365 configurations.

The post A “quick wins” approach to securing Azure Active Directory and Office 365 and improving your security posture appeared first on Microsoft Security.


A breakthrough year for passwordless technology

Credit to Author: Lauren Goodwin| Date: Thu, 17 Dec 2020 19:45:27 +0000

Learn how Microsoft and its partners are advancing IAM through secure passwordless access.

The post A breakthrough year for passwordless technology appeared first on Microsoft Security.
