Digital Security Tips and Solutions - Microsoft Security Blog

Microsoft Security

Microsoft Security

Sign in

October 4, 2022 • 6 min read

Cybersecurity awareness tips from Microsoft to empower your team to #BeCyberSmart

September 30, 2022 • 7 min read

Analyzing attacks using the Exchange vulnerabilities CVE-2022-41040 and CVE-2022-41082

MSTIC observed activity related to a single activity group in August 2022 that achieved initial access and compromised Exchange servers by chaining CVE-2022-41040 and CVE-2022-41082 in a small number of targeted attacks.

Group of people at a conference table with laptops who appear to be have a healthy and positive discussion or meeting.

September 29, 2022 • 8 min read

How one product manager builds community at Microsoft Security

In this interview, Principal Product Manager Joey Cruz explains how his military experience inspires his work protecting customers in identity and access management at Microsoft.

Business decision maker using mobile phone to complete multi-factor authentication to prepare to work from home.

September 29, 2022 • 5 min read

CSO perspective: Why a strong IAM strategy is key to an organization’s cybersecurity approach

Mastercard Deputy Chief Security Officer Alissa “Dr. Jay” Abdullah, Ph.D., shares insights on why identity and access management is necessary and strategies for securing identities.

September 29, 2022 • 12 min read

ZINC weaponizing open-source software

In recent months, Microsoft detected weaponization of legitimate open-source software by an actor the Microsoft Threat Intelligence Center (MSTIC) tracks as ZINC, targeting employees at media, defense and aerospace, and IT service provider organizations in the US, UK, India, and Russia.

Malicious OAuth applications used to compromise email servers and spread spam Preview link: https://www.microsoft.com/security/blog/?p=122401&preview=1&_ppp=261288b93e Permalink: https://www.microsoft.com/security/blog/2022/09/22/malicious-oauth-applications-used-to-compromise-email-servers-and-spread-spam/

September 22, 2022 • 11 min read

Malicious OAuth applications abuse cloud email services to spread spam

Microsoft discovered an attack where attackers installed a malicious OAuth application in compromised tenants and used their Exchange Online service to launch spam runs.

Male business professional standing on subway looking at smart phone mobile device.

September 21, 2022 • 7 min read

Rewards plus: Fake mobile banking rewards apps lure users to install info-stealing RAT on Android devices

A fake mobile banking rewards app delivered through a link in an SMS campaign has been making the rounds, targeting customers of Indian banking institutions. Users who install the mobile app are unknowingly installing an Android malware with remote access trojan (RAT) capabilities.

Practitioner and CISO collaboration in a security operations center.

September 21, 2022 • 6 min read

The art and science behind Microsoft threat hunting: Part 2

In this follow-up post in our series about threat hunting, we talk about some general hunting strategies, frameworks, tools, and how Microsoft incident responders work with threat intelligence.

Business person uses Dell 7520 2-in-1 connected to dual monitors at their home office.

September 20, 2022 • 7 min read

New Windows 11 security features are designed for hybrid work

With Windows 11, you can protect your valuable data and enable secure hybrid work with the latest advanced security. We're proud to announce the new security features you heard about this spring are now available.

Team collaboration during a meeting at the office.

September 15, 2022 • 5 min read

Test your team’s security readiness with the Gone Phishing Tournament

In partnership with Microsoft, Terranova created the Gone Phishing Tournament, an online phishing initiative that uses real-world simulations to establish accurate phishing clickthrough rates and additional benchmarking statistics for user behaviors.

Microsoft Cyber Defense Operations Center.

September 14, 2022 • 4 min read

Implementing a Zero Trust strategy after compromise recovery

After a compromise recovery follows what we call a Security Strategic Recovery. This is the plan for moving forward to get up to date with security posture all over the environment. The plan consists of different components like securing privileged access and extended detection and response, but it all points in the same direction: moving ahead with Zero Trust Strategy over traditional network-based security.

Chief information security officer presents to the board of executives on security topics.

September 8, 2022 • 7 min read

The art and science behind Microsoft threat hunting: Part 1

At Microsoft, we define threat hunting as the practice of actively looking for cyberthreats that have covertly (or not so covertly) penetrated an environment. This involves looking beyond the known alerts or malicious threats to discover new potential threats and vulnerabilities.

September 8, 2022 • 20 min read

Microsoft investigates Iranian attacks against the Albanian government

Shortly after the destructive cyberattacks on the Albanian government in mid-July, the Microsoft Detection and Response Team (DART) was engaged to lead an investigation into the attacks.

1
2
3
…
248
Next Page