Security News

Microsoft announced that Defender for Endpoint will now also help admins discover OS and software vulnerabilities affecting macOS devices on their organization's network. "This capability expansion enables organizations to discover, prioritize, and remediate both software and operating system vulnerabilities on devices running macOS," Microsoft Senior Product Manager Tomer Reisner said.

Researchers have identified new versions of the Agent Tesla remote access trojan that target the Windows anti-malware interface used by security vendors to protect PCs from attacks. The newly discovered variants have also adopted new obfuscation capabilities, raising the stakes for businesses to fend off the ever-evolving Agent Tesla malware.

Cymulate announced that it has joined the Microsoft Intelligent Security Association and has integrated Cymulate with Microsoft Defender for Endpoint. These integrations streamline the process of continuous security validation and prioritize remediation efforts, delivering operational efficiencies and better security to Microsoft customers.

Organizations with a remote workforce that rely on Microsoft Teams as a centralized workplace for collaboration can add best-in-class encryption and rights management to ensure automatic protection of sensitive data shared and accessed from Microsoft Teams. The Seclore for Microsoft 365 offering allows organizations to automatically add persistent, granular usage controls to sensitive documents worked on in Microsoft Teams channels.

Two fresh business email compromise tactics have emerged onto the phishing scene, involving the manipulation of Microsoft 365 automated email responses in order to evade email security filters. In the read-receipts attack, a scammer creates an extortion email, and manipulates the "Disposition-Notification-To" email header to generate a read-receipt notification from Microsoft 365 to the recipient.

Microsoft's security services grew by $10 billion in 2020, as more companies began utilizing its cloud-based security services. Microsoft released its earnings for the second quarter of fiscal year 2021 this week and beat consensus estimates by 7.36%. While most of this growth is attributed to Azure and Xbox, Microsoft's new blog post shows that security services are becoming a larger part of its revenue stream.

Today, Microsoft disclosed that they have also been monitoring the targeted attacks against vulnerability researchers for months and have attributed the attacks to a DPRK group named 'Zinc.' In a new report, Microsoft states that they too have been tracking this threat actor, who they track as 'ZINC,' for the past couple of months as the hackers target pen testers, security researchers, and employees at tech and security companies.

The $10 billion figure, deliberately broken out during Microsoft CEO Satya Nadella's last earnings call, comes from what Redmond describes as "Advanced security and compliance offerings" sold to hundreds of thousands of corporate customers. For business analysts and industry watchers, the windfall is final confirmation that Microsoft has figured out its place as a prominent security vendor after multiple hits-and-misses over the years.

Microsoft has announced that Application Guard for Office is now generally available for all Microsoft 365 users with supported licenses. Application Guard for Office was launched in limited preview in November 2019 and it is only available to organizations that have Microsoft 365 E5 or Microsoft 365 E5 Security licenses.

This month a researcher disclosed how he broke into the official GitHub repository of Microsoft Visual Studio Code. While riding a train, researcher RyotaK discovered a vulnerability in VS Code's continuous integration script that let him break into Microsoft VS Code's official GitHub repository and commit files.