Another pretty light week of Microsoft Security News as the holiday’s wrap up. If you don’t have time to read all the articles make sure you prioritize the first one listed as it provides great insight into how Microsoft is fighting cybercrime.
Microsoft takes court action against fourth nation-state cybercrime group – On December 27, a U.S. district court unsealed documents detailing work Microsoft has performed to disrupt cyberattacks from a threat group we call Thallium, which is believed to operate from North Korea. Our court case against Thallium, filed in the U.S. District Court for the Eastern District of Virginia, resulted in a court order enabling Microsoft to take control of 50 domains that the group uses to conduct its operations. With this action, the sites can no longer be used to execute attacks.
Azure Security Benchmarks – Learn how to secure your cloud solutions on Azure with our best practices and guidance.
Ingesting Alien Vault OTX Threat Indicators into Azure Sentinel – One of the key capabilities of Azure Sentinel has always been its ability to work with data from multiple sources including Threat Indicator Providers who can provide their data directly into the environment via the Microsoft Security Graph. But what if you have a source of indicators or other enrichment data that you want to use in Azure Sentinel but no connector to ingest it with?
Enforcement of TLS 1.2 for connections to Microsoft Defender ATP – To maintain the highest security standards and provide the best-in-class encryption to our customers, Microsoft Defender ATP is deprecating the use of TLS 1.0 and 1.1. Customers and partners will be required to use TLS 1.2 and above for all communications with their API integrations.
Featured picture courtesy of Microsoft Security Blog