Microsoft Support & Discussions
Free PC Help Forum Microsoft products support and discussions. If you need help with Microsoft Windows, Windows Server software, Microsoft 365, Microsoft Azure or any other Microsoft product you can post here. If you want to discuss Microsoft and their line of products you can do that here also.
84,928 topics in this forum
-
Microsoft Internal Solorigate Investigation – Final Update
by Guest MSRC Team- 0 replies
- 0 views
We believe the Solorigate incident is an opportunity to work with the community, to share information, strengthen defenses and respond to attacks. We have now completed our internal investigation into the activity of the actor and want to share our findings, which confirm that we found no evidence of access to production services or customer …
-
-
- FPCH Admin
- 0 replies
- 1 view
We believe the Solorigate incident is an opportunity to work with the community, to share information, strengthen defenses and respond to attacks. We have now completed our internal investigation into the activity of the actor and want to share our findings, which confirm that we found no evidence of access to production services or customer data.
Last reply by Cloaked, -
-
6 strategies to reduce cybersecurity alert fatigue in your SOC
by Guest Teri Seals-Dormer- 0 replies
- 0 views
Today, organizations are faced with the increasingly difficult task of trying to protect their expanding digital estate from sophisticated cybersecurity threats. Migration to the cloud and a mobile workforce has dissolved the network boundary and projected the digital estate beyond its traditional confines. Data, users, and systems are everywhere. Additionally, these systems are increasingly domiciled in the cloud and generating a considerable amount of security data. To add to this, on average, companies with over 1,000 employees maintain about 70 security products from 35 different vendors, according to a recent report by CCS Insight. The end result? A vast amount of al…
-
Afternoon Cyber Tea: Evaluating individual and organizational cyber risk in a pandemic
by Guest Lauren Goodwin- 0 replies
- 0 views
Cybersecurity professionals find themselves in high demand as organizations worldwide continue to grapple with how to secure millions of remote workers. James Turner is an industry analyst at CISO Lens and served as an adjudicator from 2017 to 2019 for the Australian government’s cyber war games: Operation Tsunami. In this episode of Afternoon Cyber Tea, James and I talk about how the COVID-19 pandemic has accelerated the critical need for cooperation across the cybersecurity industry, as well as the need for strengthening communication between governments and private organizations. Our discussion really examines how the pandemic has pushed organizations toward greater…
-
A playbook for modernizing security operations
by Guest Lauren Goodwin- 0 replies
- 0 views
The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest post from our new Voice of the Community blog series, Microsoft Product Marketing Manager Natalia Godyla talks with Dave Kennedy, Founder and Chief Technology Officer at Binary Defense. Dave shares his insights on security operations—what these teams need to work effectively, best practices for maturing the security operations center (SOC), as well as the biggest security challenges in the years to come. Natalia: What are the standard tools, roles, frameworks, and services for a security operations team? What are the b…
-
Web shell attacks continue to rise
by Guest Eric Avena- 0 replies
- 0 views
One year ago, we reported the steady increase in the use of web shells in attacks worldwide. The latest Microsoft 365 Defender data shows that this trend not only continued, it accelerated: every month from August 2020 to January 2021, we registered an average of 140,000 encounters of these threats on servers, almost double the 77,000 monthly average we saw last year. Figure 1. Web shell encounters on servers The escalating prevalence of web shells may be attributed to how simple and effective they can be for attackers. A web shell is typically a small piece of malicious code written in typical web development programming languages (e.g., ASP, PHP, JSP) that a…
-
MSRC Security Researcher Recognition: 2021
by Guest Sylvie Liu- 0 replies
- 0 views
Wondering how to get into the 2021 MSRC Most Valuable Security Researcher list and get recognized during the Black Hat USA this August? Read on to learn more about the different paths you can take to get into the top researcher tiers. The MSRC Most Valuable Security Researcher (MVR) and MSRC Contributor are tiers in …
-
-
- FPCH Admin
- 0 replies
- 1 view
Wondering how to get into the 2021 MSRC Most Valuable Security Researcher list and get recognized during the Black Hat USA this August? Read on to learn more about the different paths you can take to get into the top researcher tiers. The MSRC Most Valuable Security Researcher (MVR) and MSRC Contributor are tiers in the Researcher Recognition Program which annually recognize researchers for impactful contributions, considering report impact, accuracy and volume.
Last reply by Cloaked, -
-
Multiple Security Updates Affecting TCP/IP: CVE-2021-24074, CVE-2021-24094, and CVE-2021-24086
by Guest MSRC Team- 0 replies
- 1 view
Today Microsoft released a set of fixes affecting Windows TCP/IP implementation that include two Critical Remote Code Execution (RCE) vulnerabilities (CVE-2021-24074, CVE-2021-24094) and an Important Denial of Service (DoS) vulnerability (CVE-2021-24086). The two RCE vulnerabilities are complex, which makes it difficult to create functional exploits, so they are not likely in the short term. We believe attackers will be able to create DoS exploits much more quickly and expect all three issues might be exploited with a DoS attack shortly after release. Thus, we recommend customers move …
-
Continuing to Listen: Good News about the Security Update Guide API!
by Guest Lisa Olson- 0 replies
- 0 views
Based on user feedback we have simplified programmatic access to the security update data by removing the authentication and API-Key requirements when using the CVRF API. You will no longer have to log in to obtain a personal API key to access the data. We’re happy to make this valuable public information more freely available …
-
Multiple Security Updates Affecting TCP/IP: CVE-2021-24074, CVE-2021-24094, and CVE-2021-24086
by Cloaked-
- FPCH Admin
- 0 replies
- 0 views
Today Microsoft released a set of fixes affecting Windows TCP/IP implementation that include two Critical Remote Code Execution (RCE) vulnerabilities (CVE-2021-24074, CVE-2021-24094) and an Important Denial of Service (DoS) vulnerability (CVE-2021-24086). The two RCE vulnerabilities are complex, which makes it difficult to create functional exploits, so they are not likely in the short term.
Last reply by Cloaked, -
-
-
- FPCH Admin
- 0 replies
- 1 view
Based on user feedback we have simplified programmatic access to the security update data by removing the authentication and API-Key requirements when using the CVRF API. You will no longer have to log in to obtain a personal API key to access the data. We’re happy to make this valuable public information more freely available and accessible.
Last reply by Cloaked, -
-
Deploying, managing, and supporting Windows 10 on ARM in the enterprise
by Guest Steve Thomas (GLADIATOR)- 0 replies
- 0 views
Windows 10 on ARM devices carry the same productivity as the Windows 10 operating system you know and love. We’ve been working closely with OEM partners and Surface to bring Windows 10 on ARM benefits to the world—from form factor evolution with thin and light designs to increased battery capabilities, LTE connectivity, and integrated eSIM support to name a few. Over the last few years, we’ve continued to innovate with ARM. From a software perspective, we have tailored Windows to take advantage of the ARM processors’ unique capabilities and provide a strong PC experience. For example, Windows takes advantage of the ARM processor to provide longer battery life when …
-
Why threat protection is critical to your Zero Trust security strategy
by Guest Lauren Goodwin- 0 replies
- 0 views
The corporate network perimeter has been completely redefined. Many IT leaders are adopting a Zero Trust security model where identities play a critical role in helping act as the foundation of their modern cybersecurity strategy. As a result, cybercriminals have shifted their focus and identities are increasingly under attack. In this infographic, we explore how this shift is affecting IT leaders and how Microsoft can help apply threat protection to proactively prevent identity compromise and reduce alert fatigue. There’s been a significant increase in identity-based attacks. As IT leaders rely more heavily on identity in their security strategies, cybercrimin…
-
-
- FPCH Admin
- 0 replies
- 500 views
Microsoft’s response to Solorigate Since December, the United States, its government, and other critical institutions including security firms have been addressing the world’s latest serious nation-state cyberattack, sometimes referred to as ‘Solorigate’ or ‘SUNBURST.’ As we shared earlier this is a moment of reckoning for our industry and needs a unified response of defenders across public and private sectors. Microsoft is committed to protecting our customers and safeguarding our communities and we are proud to partner with industry partners to respond to this attack and strengthen our collective defenses. We believe transparency and clarity are important for strong …
Last reply by AWS, -
-
Automating and operationalizing data protection with Dataguise and Microsoft Information Protection
by Guest Lauren Goodwin- 0 replies
- 1 view
This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA. In technical literature, the terms data discovery, classification, and tagging are sometimes used interchangeably, but there are real differences in what they actually mean—and each plays a critical role in an enterprise data protection strategy. Data discovery is the process of reporting information about the sensitivity of a data object. The granularity of reporting typically includes what type of sensitive information is found, exactly where it is found, along with the exact cardinality of sensitive data elements. Data classification is the associat…
-
Modernizing your network security strategy
by Guest Lauren Goodwin- 0 replies
- 0 views
From the global pandemic to recent cyberattacks, our world has faced many challenges during the past 12 months. Some of these challenges we can’t change. However, I’m pleased about the ones we can, and are changing across the cybersecurity landscape. For example, to facilitate remote work and maintain business continuity, organizations are moving more of their apps to the cloud and delivering SaaS experiences. We know, however, that cybercriminals are taking advantage of this shift. We have seen them increase DDoS attacks, ransomware, and phishing campaigns. So how do you, as a cybersecurity professional, help your organization facilitate remote work while strengthening…
-
Afternoon Cyber Tea: Privacy, the pandemic, and protecting our cyber future
by Guest Lauren Goodwin- 0 replies
- 0 views
Much of our everyday life has moved online with the pandemic continuing to play a role in how we work and communicate with others. This migration has meant that security and privacy continue to remain top-of-mind for both security professionals and those who may not have given these cyber issues a second thought once before. In this episode of Afternoon Cyber Tea, I had a chance to talk about this impact with cybersecurity expert Theresa Payton, CEO of Fortalice Solutions and co-founder of Dark Cubed. In our discussion, we focus on Theresa’s experience with election security, social engineering, and about her book “Manipulated: Inside the Cyberwar to Hijack Election…
-
New and Improved Report Abuse Portal and API!
by Guest MSRC Team- 0 replies
- 0 views
The Report Abuse (CERT) Portal and Report Abuse API have played a significant role in MSRC’s response to suspected cyberattacks, privacy issues, and abuse originating from Microsoft Online Services. With the contributions from our wonderful community of reporters, we continue to gain insightful perspectives into the various types of attacks that threaten our online services, our cloud, and our customers. To further commit to MSRC’s mission of responding to and defending against these types of security incidents, our team has …
-
Recent enhancements for Microsoft Power Platform governance
by Guest Lauren Goodwin- 0 replies
- 0 views
An emerging trend in digital transformation efforts has been the rise of low-code development platforms. Of course, these low-code platforms must be grounded in best-of-breed governance capabilities which include security and compliance features. Without strong governance, the full benefits of low-code development cannot be realized. It’s only natural that any low-code platform chosen by an organization must have strong security and compliance capabilities. Microsoft has developed the Power Platform which includes Power Apps, Power Automate, Power Virtual Agents, and Power BI to serve our customer’s needs for a robust low-code development platform that includes app develo…
-
What tracking an attacker email infrastructure tells us about persistent cybercriminal operations
by Guest Eric Avena- 0 replies
- 0 views
From March to December 2020, we tracked segments of a dynamically generated email infrastructure that attackers used to send more than a million emails per month, distributing at least seven distinct malware families in dozens of campaigns using a variety of phishing lures and tactics. These campaigns aimed to deploy malware on target networks across the world, with notable concentration in the United States, Australia, and the United Kingdom. Attackers targeted the wholesale distribution, financial services, and healthcare industries. By tracing these campaigns, we uncovered a sprawling infrastructure that is robust enough to seem legitimate to many mail providers, wh…
-
-
- FPCH Admin
- 0 replies
- 1 view
The Report Abuse (CERT) Portal and Report Abuse API have played a significant role in MSRC’s response to suspected cyberattacks, privacy issues, and abuse originating from Microsoft Online Services. With the contributions from our wonderful community of reporters, we continue to gain insightful perspectives into the various types of attacks that threaten our online services, our cloud, and our customers.
Last reply by Cloaked, -
-
Update Baseline joins the Security Compliance Toolkit
by Guest Kay_Toma- 0 replies
- 1 view
We are excited to announce that the Update Baseline is now a part of the Security Compliance Toolkit! If you're not yet familiar with this great tool, the Update Baseline offers Microsoft’s set of recommended policy configurations for Windows Updates to help you: Ensure that the devices on your network receive the latest monthly security updates in a timely manner. Provide a great end user experience throughout the update process. The Update Baseline includes Windows Update policies as well as power and Delivery Optimization policies—all designed to streamline the update process, improve patch compliance, and help ensure your devices stay secure. In fact, device…
-
Why operational resilience will be key in 2021, and how this impacts cybersecurity
by Guest Lauren Goodwin- 0 replies
- 0 views
The lessons we have learned during the past 12 months have demonstrated that the ability to respond to and bounce back from adversity in general, can impact the short- and long-term success of any organization. It can even dictate the leaders and laggards in any industry. When we take into consideration that as security threats also become more daunting, with many organizations remaining in a remote work environment, global organizations must reach a state where their core operations and services are not disrupted by unexpected changes. The key to success in surviving any unforeseen circumstances in 2021, will be operational resiliency. Operational resilience is the …
-
ZINC attacks against security researchers
by Guest Eric Avena- 0 replies
- 0 views
In recent months, Microsoft has detected cyberattacks targeting security researchers by an actor we track as ZINC. The campaign originally came to our attention after Microsoft Defender for Endpoint detected an attack in progress. Observed targeting includes pen testers, private offensive security researchers, and employees at security and tech companies. Microsoft Threat Intelligence Center (MSTIC) attributes this campaign with high confidence to ZINC, a DPRK-affiliated and state-sponsored group, based on observed tradecraft, infrastructure, malware patterns, and account affiliations. This ongoing campaign was reported by Google’s Threat Analysis Group (TAG) earlier t…