Survey Finds Sluggish Cybersecurity Response to Pandemic

A global survey of 6,724 security and IT workers published this week by BitDefender, a provider of a broad portfolio of cybersecurity software, suggests organizations are still struggling to come to terms with the cybersecurity implications of the COV…

Adapting Security Response for Cloud Workloads

Not long ago, enterprise security could be organized neatly around the critical assets needing to be guarded. However, this “moat and fortress” model for cyberdefense is being demolished as the world turns to the cloud. This vanishing peri…

Analysis of cyberattack on U.S. think tanks, non-profits, public sector by unidentified attackers

Reuters recently reported a hacking campaign focused on a wide range of targets across the globe. In the days leading to the Reuters publication, Microsoft researchers were closely tracking the same campaign. Our sensors revealed that the campaign prim…

Making it real—harnessing data gravity to build the next gen SOC

In this post we address the question: “How do we make data gravity a reality in the security operations center (SOC) while we are under increased and constant pressure from motivated threat actors?”

SOAR: Helping Maximize the Value of Your Security Team

Worldwide, organizations are significantly impacted by the existing security skills shortage, and things are only going to get worse. A Global Information Security Workforce Study from Cyber Safety and Education predicts a security staffing shortfall …

Small businesses targeted by highly localized Ursnif campaign

Cyber thieves are continuously looking for new ways to get people to click on a bad link, open a malicious file, or install a poisoned update in order to steal valuable data. In the past, they cast as wide a net as possible to increase the pool of pote…

Attack inception: Compromised supply chain within a supply chain poses new risks

A new software supply chain attack unearthed by Windows Defender Advanced Threat Protection (Windows Defender ATP) emerged as an unusual multi-tier case. Unknown attackers compromised the shared infrastructure in place between the vendor of a PDF edito…

Taking apart a double zero-day sample discovered in joint hunt with ESET

In late March 2018, I analyzed an interesting PDF sample found by ESET senior malware researcher Anton Cherpanov. The sample was initially reported to Microsoft as a potential exploit for an unknown Windows kernel vulnerability. During my investigation…

Machine learning vs. social engineering

Machine learning is a key driver in the constant evolution of security technologies at Microsoft. Machine learning allows Microsoft 365 to scale next-gen protection capabilities and enhance cloud-based, real-time blocking of new and unknown threats. Ju…

How artificial intelligence stopped an Emotet outbreak

At 12:46 a.m. local time on February 3, a Windows 7 Pro customer in North Carolina became the first would-be victim of a new malware attack campaign for Trojan:Win32/Emotet. In the next 30 minutes, the campaign tried to attack over a thousand potential…