Microsoft’s new incident response playbooks cover specific campaigns and common attack vectors
These guides contain practical advice on how to prevent attacks, as well as handy resources such as security checklists.
A Microsoft spokesperson confirmed to The Daily Swig that more guides will be released via the Azure Active Directory Identity Blog.
“We constantly provide guidance on a wide range of topics and get very positive feedback from our customers,” the spokesperson said.
Encouraging move
Speaking to The Daily Swig, George Daglas, chief operating officer at Obrela Security Industries, said the move by Microsoft has come at the right time.
Microsoft warns on-prem customers to protect own identity infrastructure crn.com.au - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from crn.com.au Daily Mail and Mail on Sunday newspapers.
Microsoft On-Premises Warning: Customers Must Protect Their Own Identity Infrastructure
‘We were also reminded of the importance of cloud technology over on-premises software. Cloud technologies like Microsoft 365, Azure and the additional premium layers of services available as part of these solutions improve a defender’s ability to protect their own environment,’ writes Vasu Jakkal, Microsoft’s corporate vice president of security, compliance and identity, in a blog post. By Mark Haranas, Michael Novinson, Steven Burke February 19, 2021, 01:21 PM EST
Microsoft is urging customers to embrace the cloud for security, warning customers with on-premises services that they are responsible for protecting their own identity infrastructure.
Tenable To Buy Active Directory Security Startup Alsid For $98M
French startup Alsid leverages dynamic threat scoring and complexity ratings to recommend Active Directory remediations that don’t require the deployment of agents or the leveraging of privileged accounts. By Michael Novinson February 10, 2021, 09:36 AM EST
Tenable has agreed to purchase cybersecurity startup Alsid for $98 million to help customers find and fix security weaknesses in Microsoft’s Active Directory in real time.
The Columbia, Md.-based vulnerability management firm said its proposed acquisition of Paris, France-based Alsid will allow organizations to discover new attack pathways and detect Active Directory attacks in real time. Alsid leverages dynamic threat scoring and complexity ratings to recommend remediations that don’t require the deployment of agents or the leveraging of privileged accounts, Tenable said.
Top Treasury Email Accounts Exposed In SolarWinds Hack: Report
The hackers performed a complex step inside Microsoft Office 365 to create an encrypted “token” that tricked the Treasury’s system into thinking the hackers were legitimate users, The New York Times said. By Michael Novinson December 21, 2020, 10:12 PM EST
The SolarWinds hackers seized upon a Microsoft flaw to infiltrate the email system used by the U.S. Treasury Department’s senior leadership, The New York Times reported.
Dozens of Treasury email accounts were compromised, including those in the departmental offices division, where the most senior officials operate, Sen. Ron Wyden, D-Ore., told the Times on Monday. Hackers gained access to the Treasury’s email system in July by manipulating internal software keys, and the breach came to light from Microsoft, which runs much of Treasury’s communications software.