Threat Intelligence

Accessing a third-party NAS with SMB in Windows 11 24H2 may fail

Heya folks, Ned here again. With the publication of Windows 11 24H2 Release Preview, customers are trying out the new OS prior to general availability. If you were in the Windows Insider Canary or Dev release program for the past few years, nothing I’m about to share is new. But if you weren’t and you’re now having issues […]

6 insights from Microsoft’s 2024 state of multicloud risk report to evolve your security strategy

Multicloud computing has become the foundation for digital businesses, with 86% of organizations having already adopted a multicloud approach. However, for all its benefits around increased agility, flexibility, and choice, we also see unique challenges with multicloud—including the need to manage security, identity, and compliance across different cloud service providers (CSPs), ensure data portability, and

Simplify triage with the new Alert Timeline

Every second counts when it comes to detecting and responding to potential security breaches, and in today’s ever-evolving cybersecurity landscape, tools that facilitate rapid triage and decision-making become essential for upholding strong security hygiene. Today, we’re excited to introduce the latest feature to our rich reporting feature set—the alert timeline—a new view

Moonstone Sleet emerges as new North Korean threat actor with new bag of tricks

Microsoft has identified a new North Korean threat actor, now tracked as Moonstone Sleet (formerly Storm-1789), that uses both a combination of many tried-and-true techniques used by other North Korean threat actors and unique attack methodologies to target companies for its financial and cyberespionage objectives. Moonstone Sleet is observed to set up fake companies and

Best Practices to Manage and Mitigate Security Recommendations

In the fast-evolving landscape of cloud security, Microsoft Defender for Cloud (MDC) stands as a robust Cloud Native Application Protection Platform (CNAPP). One of its standout features is the premium Cloud Security Posture Management (CSPM) solution, known as Defender CSPM. Among the myriads of advanced capabilities offered by Defender CSPM, the “Governance Rule” feature is

Cyber Signals: Inside the growing risk of gift card fraud

In the ever-evolving landscape of cyberthreats, staying ahead of malicious actors is a constant challenge. Microsoft Threat Intelligence has observed that gift cards are attractive targets for fraud and social engineering practices. Unlike credit or debit cards, there’s no customer name or bank account attached to them, which can lessen scrutiny of their potentially suspicious

You Are Real: More Secure Identity Verification

Why is Liveness Detection Crucial for Identity Verification Today? With the ubiquitous internet infrastructure and mobile networks providing a backbone for daily interactions, coupled with a sustained increase in remote activities post-pandemic, the need for robust identity verification mechanisms is more critical than ever. As individuals engage in a wide range of online transactions —

Accelerate cloud security risk remediation with Microsoft Copilot for Security

As cloud environments experience rapid expansion, evolution, and increasing complexity, security teams face a significant and growing challenge in identifying, assessing, and remediating cloud security risks across multicloud environments and developer pipelines. With Copilot in Defender for Cloud, security teams can efficiently identify critical risks across their multicloud environments and developer pipelines and streamline remediation

New Windows 11 features strengthen security to address evolving cyberthreat landscape

Ahead of the Microsoft Build 2024 conference, we announced a new class of Windows computers, Copilot+ PC. Alongside this exciting new class of PCs, we are introducing important security features and updates that make Windows 11 more secure for users and organizations and give developers the tools to prioritize security. Today’s threat landscape is unlike

Threat actors misusing Quick Assist in social engineering attacks leading to ransomware

Since mid-April 2024, Microsoft Threat Intelligence has observed the threat actor Storm-1811 misusing the client management tool Quick Assist to target users in social engineering attacks. Storm-1811 is a financially motivated cybercriminal group known to deploy Black Basta ransomware. The observed activity begins with impersonation through voice phishing (vishing), followed by delivery of malicious tools,
