Modernize your Security Operations Center with Microsoft Sentinel
Microsoft Sentinel is a cloud-native SIEM solution powered by AI and automation that delivers intelligent security analytics across your entire enterprise.
Microsoft Defender IoT is generally available to help organizations challenged with securing unmanaged Internet of Things devices connected to the network.
We developed a robust detection method in Microsoft Defender for Endpoint that can catch known and unknown variations of a process execution class used by attackers to evade detection.
Microsoft was named as a Leader in The Forrester Wave™: Enterprise Detection and Response for Q1 of 2022—the ninth Leader position for Microsoft Security in a Forrester Wave™.
Tailored AI insights from Microsoft Security Copilot
Empower your defenders to detect hidden patterns, harden defenses, and respond to incidents faster with generative AI.
Active network reconnaissance is a critical component of the cybersecurity kill chain, allowing network topography and endpoint services to be mapped and used in targeted campaigns.
The Microsoft Threat Intelligence Center (MSTIC) is sharing information on a threat group named ACTINIUM, which has been operational for almost a decade and has consistently pursued access to organizations in Ukraine or entities related to Ukrainian affairs.
We uncovered a large-scale, multi-phase campaign that adds a novel technique to traditional phishing tactics by joining an attacker-operated device to an organization’s network to further propagate the campaign.
Go beyond data protection with Microsoft Purview
Govern, protect, and manage all of your data with Microsoft Purview, comprehensive solutions to help give you better visibility and control.
A new macOS vulnerability, “powerdir,” could allow an attacker to bypass the operating system’s TCC technology and gain unauthorized access to a user’s protected data.
In the third of a four-part series on the NOBELIUM nation-state attack, we share how Microsoft product teams built new detections into products to better protect customers.
Learn how Red Canary’s security operations platform integrates with Microsoft Defender for Endpoint to help organizations overcome “alert fatigue” and identify serious security threats.