Last Update: Sep 07, 2023
Microsoft Defender for Endpoint (MDE, previously known as Microsoft Defender Advanced Threat Protection) is Microsoft’s endpoint security platform that goes far beyond the traditional anti-malware engine and firewall to protect against the modern cybersecurity threats an organization faces. An evolving solution since it was first announced in 2016, MDE is part of the Microsoft…
Last Update: Aug 30, 2023
Microsoft Defender for Endpoint has announced that device isolation and antivirus scanning capabilities are now available in preview for macOS and Linux devices. The new response actions should help to protect organizations against security threats. The device isolation feature blocks the compromised device from connecting to the corporate network. Meanwhile, Microsoft Defender for Endpoint continues…
Last Update: Aug 29, 2023
Zero Trust is a security model that can be applied to Microsoft 365. It focuses on improving security by verifying and testing both the identity and device before granting access to resources. You can think of Zero Trust as a way of working, wherein you take it for granted that every user and device accessing…
Last Update: Aug 29, 2023
After the successful SolarWinds attack in 2020 where attackers gained access to Microsoft’s systems, Microsoft changed its approach and aligned with the National Institute of Standards and Technology’s (NIST) zero trust architecture. In this article, we’re going to detail how Microsoft’s zero trust approach leverages Azure Active Directory and Identity and Access Management to enable cloud…
Last Update: Aug 23, 2023
Hackers are targeting unpatched Microsoft systems with publicly available SMBGhost PoC code.
Microsoft has fixed a critical vulnerability that could let hackers gain unauthorized access to sensitive data and cross-tenant applications managed by Azure AD. The fix comes shortly after security researchers criticized Microsoft for its “grossly irresponsible” cybersecurity practices. In a post on LinkedIn, Amit Yoran, the CEO of the security firm Tenable, called out Microsoft…
Microsoft has issued a security advisory about a new Russia-linked hacking group dubbed Midnight Blizzard. The threat actors used Microsoft Teams chat to launch social engineering campaigns (which started in late May) that affected dozens of organizations. According to the Microsoft threat intelligence team, the hackers (known as APT29) pretend to be technical support staff…
Microsoft has announced that the malware scanning capability will become generally available on September 1. The new agentless SaaS solution will be available as an add-on for Microsoft Defender for Storage customers and will cost $0.15 (USD)/GB of data scanned. Microsoft Defender for Storage is a security solution that identifies unusual attempts to access or…
Microsoft has announced a new strategic partnership with Samsung to enhance mobile security for business customers. The companies have unveiled a new mobile hardware-backed device attestation solution that works seamlessly on company-owned and personal Samsung Galaxy devices. Device attestation is a security process used to verify the authenticity and integrity of a device before allowing…
Microsoft announced yesterday that firmware security advisories are now available for the Microsoft Defender Vulnerability Management service. The new feature enables organizations to continuously monitor firmware security advisories based on information from vendors’ websites and inventories as well as third-party websites. Microsoft Defender Vulnerability Management is a service that allows customers to discover critical vulnerabilities…