Microsoft Security Saturday – 01/29/2022 (Sunday Edition)

Azure DDoS Protection—2021 Q3 and Q4 DDoS attack trends
Microsoft mitigated an average of 1,955 attacks per day, a 40 percent increase from the first half of 2021. The maximum number of attacks in a day recorded was 4,296 attacks on August 10, 2021. In total, we mitigated upwards of 359,713 unique attacks against our global infrastructure during the second half of 2021, a 43 percent increase from the first half of 2021.

Evolved phishing: Device registration trick adds to phishers’ toolbox for victims without MFA
We have recently uncovered a large-scale, multi-phase campaign that adds a novel technique to traditional phishing tactics by joining an attacker-operated device to an organization’s network to further propagate the campaign. We observed that the second stage of the campaign was successful against victims that did not implement multifactor authentication (MFA), an essential pillar of identity security.

Announcing general availability of vulnerability management support for Android and iOS
Today, we are excited to announce the general availability of threat and vulnerability management support for Android and iOS in Microsoft Defender for Endpoint. With this new cross-platform coverage, threat and vulnerability management capabilities now support all major device platforms across the organization – spanning workstations, servers, and mobile devices.

How chief information security officers are preparing to tackle 2022
To begin, the top five challenges shown below, as reported by survey takers, are very consistent with what I’m hearing in my regular interactions with customers and partners.

Measure the effectiveness of your Microsoft security with AttackIQ
The good news is that the MITRE ATT&CK framework provides cyber defenders with known tactics, techniques, and behaviors that adversaries use to conduct an attack. Today, Microsoft and AttackIQ are working together, including through the Microsoft Evaluation Lab, to automate testing using MITRE ATT&CK and a threat-informed defense.

Azure Identities and Roles Governance Dashboard At Your Fingertips
The workbook is then divided into three main tabs, dedicated to the following perspectives: Azure AD application credentials, Azure AD roles and Azure Resource Manager roles. Looking at the first one, inside the Azure AD Credentials tab, we find three other sub-tabs, with the first one dedicated to application credentials that are about to expire. The expiration time range is adjustable as a filter. If you click on a specific credential, you can also verify which Azure AD/RM roles and scope this credential has.

The 2-Minute Recap: Everything new with Security, Compliance, and Identity on Microsoft Learn
Welcome to our monthly blog series featuring the latest content updates on Microsoft Learn. This month, we’re highlighting Microsoft Defender for Business training in our Security, Compliance, and Identity portfolio.

What’s new: Earn your Microsoft Sentinel Black Belt Digital Badge!
New for 2022, our Cloud Security Private Community Digital Badge program has introduced a new L5 Microsoft Sentinel Black Belt Digital Badge for you to earn and display proudly to show your prowess as a Microsoft recognized expert and contributor to the product.

Discover 3 ways to take a holistic approach to data protection
This means extending data protection across all aspects of a business: people, places, processes, and products. Risk and security practitioners will benefit from an end-to-end data governance solution to help protect data, manage risks, and satisfy regulatory requirements.

Microsoft Sentinel: Maturity Model for Event Log Management (M-21-31) Solution
We are excited to announce the Microsoft Sentinel: Maturity Model for Event Log Management (M-21-31) Solution. This solution consists of (1) Workbook, (8) Analytics Rules, (4) Hunting Queries, and (3) Playbooks.

Gartner® names Microsoft a Leader in the 2022 Magic Quadrant™ for Enterprise Information Archiving
The Microsoft Compliance suite offers an integrated set of solutions to address the information risk and archiving challenges our customers face. We introduced multiple innovations over the past few years

What’s new in Microsoft Endpoint Manager – 2201 (January) edition
This month, I want to highlight three exciting new developments from the January release. First, we are pleased to announce simpler mobile security for iOS users as Microsoft Tunnel client functionality is added to the Microsoft Defender for Endpoint iOS app. Second, our filters capability enters general availability enabling IT admins to filter faster and more easily by device type, app, user, or scenario. Third, we are streamlining the process for app installation on macOS devices by enabling .DMG app installation in preview.

Build a privacy-resilient workplace with Microsoft Priva
To help you with this challenge, we are excited to re-emphasize our commitment to helping organizations build a privacy-resilient workplace with Microsoft Priva, which was announced by Vasu Jakkal, Corporate Vice President of Microsoft Security, Compliance, and Identity, last year at Ignite. Microsoft Priva is the new brand of privacy solutions provided by Microsoft moving forward