Microsoft’s guidance to help mitigate Kerberoasting  

As cyberthreats continue to evolve, it’s essential for security professionals to stay informed about the latest attack vectors and defense mechanisms. Kerberoasting is a well-known Active Directory (AD) attack vector whose effectiveness is growing because of the use of GPUs to accelerate password cracking techniques.  Because Kerberoasting enables cyberthreat actors to steal credentials and quickly navigate…

Cyber Signals Issue 8 | Education under siege: How cybercriminals target our schools

Education is essentially an “industry of industries,” with K-12 and higher education enterprises handling data that could include health records, financial data, and other regulated information. At the same time, their facilities can host payment processing systems, networks that are used as internet…

File hosting services misused for identity phishing

Microsoft has observed campaigns misusing legitimate file hosting services increasingly use defense evasion tactics involving files with restricted access and view-only restrictions. While these campaigns are generic and opportunistic in nature, they involve sophisticated techniques to perform social engineering, evade detection, and expand threat actor reach to other accounts and tenants. These campaigns are intended…

Microsoft Defender for Cloud remediated threats 30% faster than other solutions, according to Forrester TEI™ study

The broad adoption of multicloud and hybrid infrastructures has introduced new complexity to the cloud estates of many businesses. With this complexity comes a broader attack surface for would-be data thieves. Sophisticated ransomware attacks that exploit vulnerabilities in cloud infrastructure are on the rise, as are supply chain attacks that target third-party software. Cyberattackers move…

Cybersecurity Awareness Month: Securing our world—together

As Cybersecurity Awareness Month marks its 21st year, it’s clear that this year stands out. Phishing emails have become more convincing, and fraud has increased, making cyberattackers seem legitimate—as if they were Microsoft support or even the fraud detection services from your bank.[1] And threat actors are taking advantage of the rise of AI, using…

Storm-0501: Ransomware attacks expanding to hybrid cloud environments

Microsoft has observed the threat actor tracked as Storm-0501 launching a multi-staged attack in which they compromised hybrid cloud environments and performed lateral movement from on-premises to the cloud environment, leading to data exfiltration, credential theft, tampering, persistent backdoor access, and ransomware deployment. The attack targeted multiple sectors in the United States, including government, manufacturing, transportation,…

Microsoft is named a Leader in the 2024 Gartner® Magic Quadrant™ for Endpoint Protection Platforms

Since 2023, Microsoft has seen a 2.75 times increase in the number of organizations encountering ransomware campaigns.[1] And up to 90% of successful ransomware campaigns leverage unmanaged endpoints, which are typically personal devices that people bring to work.[1] While the number of ransomware attempts has increased drastically, Microsoft Defender for Endpoint has reduced the percent…

Activate your data responsibly in the era of AI with Microsoft Purview

This week, teams across Microsoft Fabric and Microsoft Purview are gathered in Stockholm, Sweden, for the inaugural European Microsoft Fabric Community Conference. Attendees are in for an immersive experience with 130 sessions, 4 keynotes, 10 workshops, an expo hall, and a vibrant community lounge. The Microsoft Purview team and I are thrilled to showcase the…

Securing our future: September 2024 progress update on Microsoft’s Secure Future Initiative (SFI)

In November 2023, we introduced the Secure Future Initiative (SFI) to advance cybersecurity protection for Microsoft, our customers, and the industry. In May 2024, we expanded the initiative to focus on six key security pillars, incorporating industry feedback and our own insights. Since the initiative began, we’ve dedicated the equivalent of 34,000 full-time engineers to SFI—making…

Join us at Microsoft Ignite 2024 and learn to build a security-first culture with AI

For security professionals and teams, AI offers a significant advantage, empowering organizations of all sizes and industries to tip the scales in favor of defenders. It also introduces new uncertainties and risks that require organizations to create a culture of security to stay protected. Now, more than ever, is the time to put security first….