A collaboration between CISA and Microsoft, will now expanded cloud logging capabilities at no additional charge to customers, enhancing cyber defense and incident response.
The National Security Agency (NSA) is warning of a known vulnerability in the Microsoft Windows secure startup process that malicious actors could use to bypass Secure Boot protection and execute BlackLotus malware.
It’s difficult for security teams to get executive buy-in to address the problem because measuring and improving AD security is challenging. There are several reasons why.
Microsoft has warned that Nobelium is currently conducting a phishing campaign after the Russian-backed group managed to take control of the account used by USAID on the email marketing platform Constant Contact. The phishing campaign has targeted around 3,000 accounts linked to government agencies, think tanks, consultants, and non-governmental organizations.
Microsoft has addressed companies who have not yet updated their systems to address the critical Zerologon flaw, a vulnerability in the cryptography of Microsoft's Netlogon process that allows an attack against Microsoft Active Directory domain controllers, making it possible for a hacker to impersonate any computer, including the root domain controller.
Microsoft has taken action to disrupt a botnet called Trickbot, one of the world’s most infamous botnets and prolific distributors of ransomware. Trickbot has infected over a million computing devices around the world since late 2016.