Microsoft Security Saturday – 04/30/2022

Microsoft finds new elevation of privilege Linux vulnerability, Nimbuspwn
Microsoft has discovered several vulnerabilities, collectively referred to as Nimbuspwn, that could allow an attacker to elevate privileges to root on many Linux desktop endpoints. The vulnerabilities can be chained together to gain root privileges on Linux systems, allowing attackers to deploy payloads, like a root backdoor, and perform other malicious actions via arbitrary root code execution.

Microsoft best practices for managing IoT security concerns
When designing an IoT solution, it is important to understand the potential threats within the design. This will provide an opportunity to integrate security and risk diligence in each step of the design lifecycle, as well as harden and maintain your solution’s security protocols.

Enhanced antimalware engine capabilities for Linux and macOS
We are announcing a significant upgrade to our next-generation protection on Linux and macOS with a new, enhanced engine – now available in public preview!

Enhanced Antimalware Protection in Microsoft Defender for Endpoint Android
We are excited to share major updates to the Malware protection capabilities of Microsoft Defender for Endpoint on Android. These new capabilities form a major component of your next-generation protection in Microsoft Defender for Endpoint. This protection brings together machine learning, big-data analysis, in-depth threat research, and the Microsoft cloud infrastructure to protect Android devices (or endpoints) in your organization.

Announcing the Microsoft Sentinel: Cybersecurity Maturity Model Certification (CMMC) 2.0 Solution
Are you interested in maturing your security operations center capabilities? Do you need to align your cloud, multi-cloud, on-premises, and hybrid workloads for CMMC 2.0 compliance? We are pleased to announce the next evolution of the Microsoft Sentinel Cybersecurity Maturity Model Certification 2.0 Solution.

The 2-Minute Recap: Everything new with Security, Compliance, and Identity on Microsoft Learn
Welcome to our monthly blog series featuring the latest Microsoft Security, compliance, and identity content updates on Microsoft Learn. This month, we’re highlighting the rebranding of our Microsoft 365 compliance and Azure Purview data governance products into the all new Microsoft Purview.

How will government actions on IoT security impact the decisions I make today?
Government regulation of IoT is relatively new and still taking shape, creating a complicated and dynamic regulatory landscape for both domestic and global markets. Given the extended timelines for IoT development, procurement, deployment, and operation, IoT decision makers have a real challenge: how will decisions you make today hold up against governance yet to come? This blog series examines the frameworks and processes that governments rely on, and provides questions to help you better evaluate the choices you’re making today.

Permissions Management Terms and their Impact in Multicloud Environments
It seems that almost every day we’re hearing of new cloud security terms and acronyms. Navigating so many terms can be confusing and overwhelming, especially as many can have different meanings, depending on the context. To help guide you as you learn more about Permissions Management, we put together a list of many of these common terms you may come across, what they mean, and why they’re important.

New watchlist actions available for watchlist automation using Microsoft Sentinel SOAR
Watchlists in Microsoft Sentinel allow you to correlate data from a data source you provide with the events in your Microsoft Sentinel environment. For example, you might create a watchlist with a list of high-value assets, terminated employees, or service accounts in your environment.