Microsoft Support & Discussions

We are excited to announce the launch of Comms Hub to the Researcher Portal submission experience! With this launch, security researchers will be able to streamline communication with MSRC case SPMs (case managers), attach additional files, track case and bug bounty status all in the Researcher Portal. Summary – What is Comms Hub? Comms Hub … We’re Excited to Announce the Launch of Comms Hub! Read More » Continue reading...

Microsoft is proud to promote Cybersecurity Awareness Month as part of our ongoing commitment to security for all. Year-round, Microsoft tracks nation-state threat activities to help protect organizations and individuals from these advanced persistent actors. We’re constantly improving our capabilities to bring better detections, threat context, and actor knowledge to our customers so they can improve their own defenses. To learn more about how Microsoft responds to nation-state attacks and how to defend your organization, watch the Decoding NOBELIUM docuseries. Hear directly from the frontline defenders who helped protect organizations against the most sophisticated atta…

The Microsoft Threat Intelligence Center (MSTIC) has detected nation-state activity associated with the threat actor tracked as NOBELIUM, attempting to gain access to downstream customers of multiple cloud service providers (CSP), managed service providers (MSP), and other IT services organizations (referred to as “service providers” for the rest of this blog) that have been granted administrative or privileged access by other organizations. The targeted activity has been observed against organizations based in the United States and across Europe since May 2021. MSTIC assesses that NOBELIUM has launched a campaign against these organizations to exploit existing technical …

As workplaces around the world embrace hybrid work, Zero Trust provides the guiding strategy that keeps companies secure. However, no two organizations are alike. The Zero Trust journey will look unique for every organization that implements it. This means we must work together to create solutions that support the varied workplaces that exist today. At Microsoft, our mission is to create an amazing Zero Trust platform that protects our customers no matter what solutions they use. We realize that our customers use products that work well for them, and so we strive to meet them where they are. Our solutions are from Microsoft, but not just for Microsoft. To this end, …

As part of Cybersecurity Awareness Month, we published a special blog post earlier this week featuring real-world experiences shared by cybersecurity professionals: people with diverse backgrounds in law, academia, software development, and other seemingly unrelated fields. This topic is near and dear to my heart because I truly believe that diversity—people with diverse skills, backgrounds, cultures, and life experiences—is the key element for making the next generation of cybersecurity professionals even more effective. Today’s world is connected in ways we could only imagine 20 years ago. Digital transformation means the workplace, classrooms, retail outlets, and mo…

A phishing kit built using pieces of code copied from other kits, some available for sale through publicly accessible scam sellers or are reused and repackaged by other kit resellers, provides rich insight into the state of the economy that drives phishing and email threats today. We uncovered this phishing kit while examining an extensive series of credential phishing campaigns that all sent credentials to a set of endpoints operated by the attackers. We named the kit “TodayZoo” because of its curious use of these words in its credential harvesting component in earlier campaigns, likely a reference to phishing pages that spoofed a popular video conferencing applicatio…

Today, following the 25th year anniversary of Microsoft Sysinternals, we are announcing the general availability of a new Microsoft Sysmon report in VirusTotal. Whether you’re an IT professional or a developer, you’re probably already using Microsoft Sysinternals utilities to help you manage, troubleshoot, and diagnose your Windows systems and applications. The powerful logging capabilities of Sysinternals utilities became indispensable for defenders as well, enabling security analytics and advanced detections. The System Monitor (Sysmon) utility, which records detailed information on the system’s activities in the Windows event log, is often used by security products …

Send Microsoft Edge promotional emails through a new feature in the Setup page of the Microsoft 365 admin center, titled “Get fast, secure browsing with Microsoft Edge”. This is expected to be released towards the end of October 2021 and will provide admins with the opportunity to encourage the use of Microsoft Edge in their organization by sending an email to their users. Admins will be provided with three options they can choose to include in the email they send to their users. A download link for Microsoft Edge Instructions on how to sign in and sync passwords, favorites, and settings Instructions on how to turn on security and performance features in Micr…

We are excited to share that Microsoft has been named a Leader in The Forrester New Wave: Extended Detection and Response (XDR), Q4, 2021,1 receiving one of the highest scores in the strategy category. Microsoft 365 Defender was rated as “differentiated” in seven criteria including detection, investigation, and response, and remediation. Forrester notes that “there is a deep divide in the XDR market between those far along the path and those just starting to deliver on the vision of XDR,” and that of mature providers “combine the best elements of their portfolios, including industry-leading products, to simplify incident response and build targeted, high-efficacy detec…

Are you currently studying information security? Or are you considering transitioning to a career in cybersecurity? According to the US Bureau of Labor Statistics, cybersecurity jobs will grow 31 percent from 2019 to 2029—more than six times the national average job growth.1 Cybersecurity skills are clearly in high demand. But more than that, cybersecurity is a rewarding career attracting many bright, passionate practitioners and leaders who are invested in making the world a better, more secure place. As part of Cybersecurity Awareness Month and this week’s theme on cybersecurity careers, we are focusing this blog on top experts in the industry who will share insights…

Microsoft is excited to announce new Azure Bounty Program awards up to $60,000 to encourage and reward vulnerability research focused on the highest potential impact to customer security. These increased awards are a part of our ongoing investment in partnership with the security research community, and an important part of Microsoft’s holistic approach to defending … New High Impact Scenarios and Awards for the Azure Bounty Program Read More » Continue reading...

Microsoft Teams has seen a surge in growth during the pandemic with over 115 million daily active users and growing.1 With it, customer imperative for enabling safe and trustworthy online collaboration has also increased significantly. The speed and simplicity of Teams business users creating new teams and channels demands that IT and security groups have advanced tools and controls they might need to ensure business-critical information is properly protected. archTIS’ NC Protect has integrated with Microsoft Information Protection (MIP) to empower IT and business owners to easily create secure teams and channels and enable guest access, enforcing Zero Trust policies a…

Congratulations to all the researchers recognized in this quarter’s MSRC Researcher Recognition Program leaderboard! Thank you to everyone for your hard work and continued partnership to secure customers. The top three researchers of the 2021 Q3 Security Researcher Leaderboard are: BugHunter010 (840 points), Callum Carney (828 points), and Nir Ohfeld (525 points)! Each quarterly leaderboard … Congratulations to the Top MSRC 2021 Q3 Security Researchers! Read More » Continue reading...

Microsoft is excited to announce the addition of Power Platform to the newly rebranded Dynamics 365 and Power Platform Bounty Program. Through this expanded program, we encourage researchers to discover and report high impact security vulnerabilities they may find in the new Power Platform scope to help protect customers. We offer awards up to $20,000 … Power Platform is Here! Introducing the Dynamics 365 and Power Platform Bug Bounty Program Read More » Continue reading...

As organizations move their computing from on-premises to the cloud, they realize that leveraging cloud-native security tools can provide additional cost savings and business benefits to their security infrastructure. Microsoft Azure network security offers a suite of cloud-native security tools to protect Azure workloads while automating network management, implementing developer security operations (DevSecOps) practices, and reducing the risk of a material security breach. We are excited to share that Forrester Consulting has just conducted a commissioned Total Economic Impact (TEI) study on behalf of Microsoft, which involved interviewing existing customers who have…

DEV-0343 is a new activity cluster that the Microsoft Threat Intelligence Center (MSTIC) first observed and began tracking in late July 2021. MSTIC has observed DEV-0343 conducting extensive password spraying against more than 250 Office 365 tenants, with a focus on US and Israeli defense technology companies, Persian Gulf ports of entry, or global maritime transportation companies with business presence in the Middle East. Less than 20 of the targeted tenants were successfully compromised, but DEV-0343 continues to evolve their techniques to refine its attacks. MSTIC noted that Office 365 accounts with multifactor authentication (MFA) enabled are resilient against passwo…

Three years ago, as part of Microsoft’s mission to empower people and organizations to achieve more, we announced that we were incubating a new set of decentralized identity technologies based on a simple vision: Each of us needs a digital identity we own, one which securely and privately stores all elements of our digital identity. This self-owned identity must be easy to use and give us complete control over how our identity data is accessed and used. During this incubation, customers and partners all around the world have helped us understand their challenges and the shortcomings of their existing identity systems. We’ve learned a ton through a set of successful …

The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest Voice of the Community blog series post, Microsoft Product Marketing Manager Natalia Godyla talks with Daniel Cuthbert, Global Head of Security Research at Banco Santander. Daniel discusses how to use application security testing and testing standards to improve security. Natalia: What is an application security test and what does it entail? Daniel: Let’s say I have a traditional legacy banking application. Users can sign in using their web browser to gain access to financial details or funds, move money around, and…