Microsoft Defender will soon be a lot better at stopping corporate cyberattacks
Date:
Fri, 24 Feb 2023 17:09:15 +0000
Description:
Updates for Microsoft Defender should help minimize any damage done by a ransomware attack.
FULL STORY ======================================================================
A number of advanced Microsoft 365 Defender features, first announced last year as a means of stopping ransomware and business email compromise (BEC) attacks, have now reached public preview, the company has announced.
The features, called automatic disruption, use high-confidence Extended Detection and Response (XDR) signals across endpoints, identities, email, and SaaS apps, Microsoft explained, saying they'll help contain active security attacks quickly and effectively.
They'll work by automatically disabling, or restricting, devices and user accounts that the threat actors have compromised and are actively using in an attack.
Limited impact
By shutting off this access, Microsoft hopes the attackers won't be nearly as effective as they would otherwise be, and at the same time, SOC teams get more time to deploy additional countermeasures.
As a result, ransomware and BEC attacks should have a more limited impact on the target organization, the company claims.
Automatic attack disruption operates in three stages. In the first stage, the attack is detected, and high confidence is established. In the second stage, different scenarios are classified, as well as assets that the attackers are currently controlling. Finally, in the third stage, automatic response actions are triggered via Microsoft 365 Defender, containing the attack and minimizing its impact.
As the name suggests, the activity of these new features is automatic, which might not sit well with some cybersecurity professionals. Microsoft seems to be aware of this fact, stating that the number of signals used should ease anyone's anxiety around automation:
"We understand that taking automatic action can come with hesitation, given the potential impact it can have on an organization," the company said. "That's why automatic attack disruption in Microsoft 365 Defender is designed to rely on high-fidelity XDR signals, coupled with insights from the continuous investigation of thousands of incidents by Microsoft's research teams."
Ransomware continues to be one of the most disruptive forms of cybercrime out there. Businesses are advised to train their employees on the dangers of phishing and to make sure they set up a robust backup solution. An antivirus, a firewall, and multi-factor authentication are also considered best practices.
======================================================================
Link to news story:
https://www.techradar.com/news/microsoft-defender-will-soon-be-a-lot-better-at-stopping-corporate-cyberattacks
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)