Get full visibility of your software as a service (SaaS) app landscape and take control of your apps with Microsoft Defender for Cloud Apps which combines SaaS security posture management, data loss prevention, app to app protection and integrated threat protection to ensure holistic coverage for your apps
Since February 2023, Microsoft has observed a high volume of password spray attacks attributed to Peach Sandstorm, an Iranian nation-state group. In a small number of cases, Peach Sandstorm successfully authenticated to an account and used a combination of publicly available and custom tools for persistence, lateral movement, and exfiltration.
Cloud cryptojacking, a type of cyberattack that uses computing power to mine cryptocurrency, could result in financial loss to targeted organizations due to the compute fees that can be incurred from the abuse.
Microsoft Inspire is an incredible opportunity to share all the ways AI can support security efforts with our partner ecosystem. Register to hear strategies to prepare your organization for AI with comprehensive security and security posture.
Microsoft Defender Experts observed a multi-stage adversary-in-the-middle (AiTM) and business email compromise (BEC) attack targeting banking and financial services organizations over two days. This attack originated from a compromised trusted vendor, involved AiTM and BEC attacks across multiple supplier/partner organizations for financial fraud, and did not use a reverse proxy like typical AiTM attacks.
Microsoft analyzes a threat group tracked as DEV-0196, the actor’s iOS malware “KingsPawn”, and their link to an Israel-based private sector offensive actor (PSOA) known as QuaDream, which reportedly sells a suite of exploits, malware, and infrastructure called REIGN, that’s designed to exfiltrate data from mobile devices.
Learn how Microsoft Security is transforming its cloud access security broker to a software as a service security solution, empowering organizations to adopt a modern approach to protecting cloud apps.