• Latest
  • Trending
  • All
  • News
  • Business
  • Politics
  • Science
  • World
  • Lifestyle
  • Tech
Microsoft Seriously Beefs Up Security in Windows Server 2019

Microsoft Serves Security Updates as Attacks Cook

March 16, 2021
Juniper Networks extends connected security with two new updates

5 channel partner program and MSP News update 21 April . 2021

April 22, 2021
Automate Evidence Collection With Hypersync

CyberSheath Enhances Its CMMC Managed Services with CMMCEnclave, the Most Comprehensive CMMC Compliance Platform

April 22, 2021
Microsoft To Build New Azure Cloud Data Centers In Greece

Device Connectivity and Edge Intelligence in Resource-Constrained Situations

April 22, 2021
8×8 makes raft of updates to platform

Sysinno Introduces First Available Air Quality Monitor Running on Microsoft Azure Sphere

April 22, 2021
Microsoft renames and unifies more products under Microsoft Defender brand

UK government signs new three-year Memorandum of Understanding with Microsoft

April 22, 2021
Azure Stack, AWS Outposts Poised to Impact Colocation

Aruba accelerates digital transformation from edge to cloud on Microsoft Azure.

April 22, 2021
How to set up Microsoft Cloud App Security

Eurotech Collaborates with Infineon Technologies, Microsoft, and Globalsign for ’Chain of Trust’ Security Solution for the IoT Device Identities

April 22, 2021
GHD accelerates digital transformation to ensure business continuity

ONUG to Address Enterprise Cloud, Cloud Native DevOps, Security & Automation at Biannual Spring 2021 Event

April 22, 2021
Microsoft To Build New Azure Cloud Data Centers In Greece

Infosec Teams Expand Use of Security Tools to Address Cloud Complexity, Survey Finds

April 22, 2021
Microsoft continues to extend security for all with mobile protection for Android

HVR Launches Agent as a Service for Microsoft Azure, Establishes Highly Available, Secure and Performant Real-Time Replication Environment for Enterprise Modernization

April 22, 2021
Hackers Cryptojack Microsoft Azure ML Clusters

6clicks partners with Microsoft to bring greater security to Aus Government

April 22, 2021
Seattle Seahawks Shift From Microsoft Azure to Amazon Web Services

Security should start in software engineering

April 21, 2021
  • About
  • Advertise
  • Privacy & Policy
  • Contact
Thursday, April 22, 2021
  • Login
Azure Security News
  • Home
  • News
    • All
    • Business
    • Politics
    • Science
    • World
    Juniper Networks extends connected security with two new updates

    5 channel partner program and MSP News update 21 April . 2021

    Automate Evidence Collection With Hypersync

    CyberSheath Enhances Its CMMC Managed Services with CMMCEnclave, the Most Comprehensive CMMC Compliance Platform

    Microsoft To Build New Azure Cloud Data Centers In Greece

    Device Connectivity and Edge Intelligence in Resource-Constrained Situations

    8×8 makes raft of updates to platform

    Sysinno Introduces First Available Air Quality Monitor Running on Microsoft Azure Sphere

    Microsoft renames and unifies more products under Microsoft Defender brand

    UK government signs new three-year Memorandum of Understanding with Microsoft

    Azure Stack, AWS Outposts Poised to Impact Colocation

    Aruba accelerates digital transformation from edge to cloud on Microsoft Azure.

    How to set up Microsoft Cloud App Security

    Eurotech Collaborates with Infineon Technologies, Microsoft, and Globalsign for ’Chain of Trust’ Security Solution for the IoT Device Identities

    GHD accelerates digital transformation to ensure business continuity

    ONUG to Address Enterprise Cloud, Cloud Native DevOps, Security & Automation at Biannual Spring 2021 Event

    Microsoft To Build New Azure Cloud Data Centers In Greece

    Infosec Teams Expand Use of Security Tools to Address Cloud Complexity, Survey Finds

    Microsoft continues to extend security for all with mobile protection for Android

    HVR Launches Agent as a Service for Microsoft Azure, Establishes Highly Available, Secure and Performant Real-Time Replication Environment for Enterprise Modernization

    Trending Tags

    • Donald Trump
    • Future of News
    • Climate Change
    • Market Stories
    • Election Results
    • Flat Earth
  • Tech
    • All
    • Apps
    • Gear
    • Mobile
    • Startup
    Cisco, Google, Microsoft Lead Chorus of New Security Initiatives

    Windows 10 21H1: A small but significant update, with bigger changes to come in 21H2

    Microsoft Touts Secured-Core PCs To Block Driver Exploits

    KDDI Taps Cato SASE for Secure Remote Access

    Juniper Networks inspires overarching approach to connected security

    Going serverless? Rethink your data security approach

    Juniper Networks inspires overarching approach to connected security

    Introducing the Azure Network Security Tech Community and Github Repo

    Cisco, Google, Microsoft Lead Chorus of New Security Initiatives

    Azure WAF Custom Rule Samples and Use Cases

    Aruba ClearPass Policy Manager Integrates with Microsoft

    How Microsoft Is Powering Digital Transformation From the Cloud

    Part 4 – Data Disclosure and Exfiltration Playbook: Azure WAF Security Protection and Detection Lab

    The Mountain Of A Manager

    Microsoft offers startups free cloud tech

    Microsoft Launches Host of Security Products in Time for RSA

    The 14 Best Cloud Security Courses on Pluralsight

    Microsoft Adds Anti-Phishing ‘Campaign Views’ to Office 365 ATP

    How 4 cities are modernizing their IT infrastructure through the cloud

    Trending Tags

    • Flat Earth
    • Sillicon Valley
    • Mr. Robot
    • MotoGP 2017
    • Golden Globes
    • Future of News
  • Entertainment
    • All
    • Gaming
    • Movie
    • Music
    • Sports
    Microsoft Flight Simulator Continues to Look Stunning in New Snow Video

    Microsoft Flight Simulator Continues to Look Stunning in New Snow Video

    Meet the woman who’s making consumer boycotts great again

    New campaign wants you to raise funds for abuse victims by ditching the razor

    Twitter tweaks video again, adding view counts for some users

    A beginner’s guide to the legendary Tim Tam biscuit, now available in America

    People are handing out badges at Tube stations to tackle loneliness

    Trump’s H-1B Visa Bill spooks India’s IT companies

    Magical fish basically has the power to conjure its own Patronus

    This Filipino guy channels his inner Miss Universe by strutting in six-inch heels and speedos

    Oil spill off India’s southern coast leaves fisherman stranded, marine life impacted

  • Lifestyle
    • All
    • Fashion
    • Food
    • Health
    • Travel
    Microsoft Seriously Beefs Up Security in Windows Server 2019

    Microsoft Offers More ‘Solorigate’ Advice Using Microsoft 365 Defender Tools

    A moment of reckoning: the need for a strong and global cybersecurity response

    Solar Winds, Office 365 & Shipbuilding…

    Aruba ClearPass Policy Manager Integrates with Microsoft

    Imprivata Expands Collaboration with Microsoft on New Digital Identity Innovations

    Microsoft Seriously Beefs Up Security in Windows Server 2019

    Microsoft Canada’s 10 biggest stories of 2020

    FAA issues new proposed Boeing 737 MAX pilot training procedures

    FAA issues new proposed Boeing 737 MAX pilot training procedures

    AMD breaks revenue records for 2019 and 4Q

    AMD breaks revenue records for 2019 and 4Q

    Microsoft and Analog Devices pair on 3D imaging tech

    Microsoft and Analog Devices pair on 3D imaging tech

    Microsoft is killing off insecure Cloud App Security cipher suites

    Microsoft is killing off insecure Cloud App Security cipher suites

    Rap group call out publication for using their image in place of ‘gang’

    Meet the woman who’s making consumer boycotts great again

    Trending Tags

    • Golden Globes
    • Mr. Robot
    • MotoGP 2017
    • Climate Change
    • Flat Earth
No Result
View All Result
Azure Security News
No Result
View All Result
Home News Science

Microsoft Serves Security Updates as Attacks Cook

by AZURE SECURITY NEWS EDITOR
March 16, 2021
in Science
0
Microsoft Seriously Beefs Up Security in Windows Server 2019
491
SHARES
1.4k
VIEWS
Share on FacebookShare on Twitter

Microsoft leaned heavily on updates to its zero-trust security features as part of this week’s Ignite event, which came on the heels of a corporate breach tied to the SolarWinds attacks and a new breach found just this week.

Many of this week’s announcements were tied to Microsoft’s zero trust initiatives, which Vasu Jakkal, corporate VP for security, compliance, and identity at Microsoft said during her presentation was “the cornerstone of effective protection and the foundation for security.”

One of Microsoft’s big moves was its launch of a new Threat Analytics component for its 365 Defender platform. Andrew Conway, GM for security marketing at Microsoft, explained that this provides curated threat intelligence reports, “highlighting specific threats, like the recent SolarWinds attack,” within the extended detection and response (XDR) platform.

“In addition to documentation describing the threat source from both Microsoft threat experts and the broader industry, it includes the relevant incidents and alerts associated with this threat … and it recommends the mitigation and remediation steps” that a user can take, Conway added.

Microsoft also noted that its Defender for Endpoint and Defender for Office 365 products now allow customers to investigate and remediate threats from the 365 Defender portal. This provides a single pane of glass to monitor alerts, investigations, and analysis of those threats. And it has made that user experience common between 365 Defender and Microsoft’s Azure Sentinel cloud-native security information and event management (SIEM) tool.

Passwordless Moves

The vendor’s Azure Active Directory (Azure AD) service now offers passwordless authentication options for cloud and hybrid environments. These include biometrics, a tap using Windows Hello for Business that runs on the Microsoft Authenticator application, or a physical security key that runs the FIDO2 security specification. Microsoft also launched a preview of its Temporary Access Pass system that generates a time-limited code to set up or recover passwordless credentials.

The Azure AD Conditional Access policy engine also now uses now uses authentication context to enforce more granular policies based on user actions within the application they are using or sensitivity of data they are trying to access. Microsoft notes that this move helps customers to apply the appropriate protection rules without restricting access to less sensitive content.

Microsoft is also on the verge of launching a preview of an Azure AD verifiable credentials option that will allow organizations confirm someone’s information without collecting and storing that personal data.

David Mahdi, senior director and analyst at Gartner, noted in an email to SDxCentral that the passwordless updates could drive the market “further down the path of eliminating passwords,” and “perhaps, to a more ‘natural’ state of authentication and access.”

“Furthermore, due to the ubiquity of Microsoft in the enterprise, having a GA passwordless approach could be seen as low hanging fruit for many enterprises that were on the fence(in investing in this area,” Mahdi added.

SolarWinds Overhang

Microsoft liberally sprinkled references to the recent SolarWinds breach on its most recent updates, and also provided more insight into the wide-ranging attack.

The cloud giant was hit especially hard by the breach and had previously admitted that attackers stole source code for three of its products (but didn’t hack any customers’ information).

Tom Burt, corporate VP of customer security and trust, explained as part of a question-and-answer session with Jakkal at the Ignite event, that Microsoft’s Threat Intelligence Center (MSTIC) was able to tap into the 8 trillion signals that come in each day to Microsoft and look for patterns of activity “that this nation-state actor would leave behind as a trail that showed that some of our customers were compromised.”

“It was hard to find. This actor was good,” Burt said. “They were hiding in the network traffic. They were closing the doors that they opened when they no longer needed them. But our teams were able to find these traces and hints sufficiently so that we could notify our customers when we knew they’d been compromised.”

Paul Webber, senior director and analyst at Gartner, in an email to questions said that Microsoft was “refreshingly direct” about its need to “respond to an increase in both cybercrime and nation-state attacks originating from China, Russia, Iran, and North Korea.”

“This was an opportunity for Microsoft to  promote the  activities of its ‘MSTIC’  threat intelligence center and the vast array  of  data and  intelligence that it can leverage in thwarting  cybercrime but also now  indicating that Microsoft is willing to also use these capabilities to assist in defense against nation state actors too,” Webber added.

Peter Firstbrook, VP and analyst at Gartner, noted in an email to SDxCentral that while he had not been following Microsoft’s specific announcements from the Ignite event, that he felt the vendor’s “overall commitment to security has never been better.”

“SolarWinds was an excellent learning experience for the entire industry,” Firstbrook wrote. “Microsoft was well positioned to detect it earlier and I expect that knowledge will drive their roadmap.”

Latest China-Based Attack

That roadmap might also include learnings from a new attack that hit Microsoft customers using its Exchange email server. This zero-day attack targeted on-premises versions of Exchange and allowed access to email accounts and the ability for additional malware to be installed into a corporate system to “facilitate long-term access to victim environments.”

Microsoft rolled out a handful of patches for the flaw, and “strongly urged customers to update on-premises systems immediately.” Volexity and Dubex were also part of finding the bugs.

While SolarWinds was tied to Russia-based attackers, MSTIC attributed this latest attack to the China-based and state-sponsored HAFNIUM group. Microsoft explained that the group primarily targets U.S.-based entities and “has previously compromised victims by exploiting vulnerabilities in internet-facing servers, and has used legitimate open-source frameworks, like Covenant, for command and control.”

“Hopefully, Microsoft can continue to leverage its considerable resources and reach to make more interventions and next time perhaps even thwart the more sophisticated nation-state attacks before they have had time to compromise so many systems and affected so many organizations as we saw in the SolarWinds attacks,” Gartner’s Webber added.

Reference:https://www.sdxcentral.com/articles/news/microsoft-serves-security-updates-as-attacks-cook/2021/03/

Share196Tweet123Share49
AZURE SECURITY NEWS EDITOR

AZURE SECURITY NEWS EDITOR

Related Posts

8×8 makes raft of updates to platform

Sysinno Introduces First Available Air Quality Monitor Running on Microsoft Azure Sphere

by AZURE SECURITY NEWS EDITOR
April 22, 2021
0

Sysinno Technology Inc., an Innodisk shareholding company, is excited to announce that their iAeris line of indoor air quality detectors will...

Microsoft Seriously Beefs Up Security in Windows Server 2019

Microsoft Launches a New Communication Platform with Azure Communication Services

by AZURE SECURITY NEWS EDITOR
April 16, 2021
0

By Steef-Jan Wiggers and Azure Security News During its annual Ignite Conference, Microsoft announced Azure Communication Services (ACS), a fully-managed communication platform. The...

Microsoft Azure Forms Collaboration to Enhance AI in Healthcare

Cloud Workload Protection Platforms Software Market Business Ryevenue, Future Growth, Top Competitors – Trend Micro Deep Security, Trend Micro, Oracle, Armor Cloud Security, Nutanix Beam, Google, etc

by AZURE SECURITY NEWS EDITOR
April 7, 2021
0

By anita and Azure Security News Cloud Workload Protection Platforms Software Market Report comprises of the basic data connected to...

Microsoft To Build New Azure Cloud Data Centers In Greece

Machine Learning and Azure Sphere

by AZURE SECURITY NEWS EDITOR
April 2, 2021
0

The Internet of Things (IoT) is arriving at pace, enabling new applications and business models across many consumer, enterprise, and industrial sectors. When...

  • Trending
  • Comments
  • Latest
Microsoft’s CyberX Acquisition Boosts Security of Azure IoT Lineup

AZURE DEFAULT RESOURCE GROUP AND DEFAULT WORKSPACE: WHAT ARE THEY?

December 14, 2020
Telecom Provider Migrates Confidently to Microsoft Azure with Fortinet’s Dynamic Cloud Security Solutions

Analyzing Azure Active Directory Sign-In Data with PowerShell

December 18, 2020
Microsoft Seriously Beefs Up Security in Windows Server 2019

TCS Launches Cloud Exponence on Microsoft Azure

January 21, 2021

Lady Gaga Pulled Off One of the Best Halftime Shows Ever

0

Barack Obama’s Now Mainly Focusing on Wearing This Casual Backwards Hat

0

Watch Justin Timberlake’s ‘Cry Me a River’ Come to Life in Mesmerizing Dance

0
Juniper Networks extends connected security with two new updates

5 channel partner program and MSP News update 21 April . 2021

April 22, 2021
Automate Evidence Collection With Hypersync

CyberSheath Enhances Its CMMC Managed Services with CMMCEnclave, the Most Comprehensive CMMC Compliance Platform

April 22, 2021
Microsoft To Build New Azure Cloud Data Centers In Greece

Device Connectivity and Edge Intelligence in Resource-Constrained Situations

April 22, 2021
Azure Security News

Copyright © 2020 - Azure Security

Navigate Site

  • About
  • Advertise
  • Privacy & Policy
  • Contact

Follow Us

No Result
View All Result
  • Home
  • News
    • Politics
    • Business
    • World
    • Science
  • Entertainment
    • Gaming
    • Music
    • Movie
    • Sports
  • Tech
    • Apps
    • Gear
    • Mobile
    • Startup
  • Lifestyle
    • Food
    • Fashion
    • Health
    • Travel

Copyright © 2020 - Azure Security

Welcome Back!

Login to your account below

Forgotten Password?

Create New Account!

Fill the forms below to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In