Microsoft 365: Most Common Threat Vectors & Defensive Tips

[TechWeb]( Follow Dark Reading: [RSS]( June 03, 2021 LATEST SECURITY NEWS & COMMENTARY [Microsoft 365: Most Common Threat Vectors & Defensive Tips]( Security pros discuss the most typical ways attackers leverage Microsoft 365 and share their guidance for defenders. [Phishing Emails Remain in User Inboxes Over 3 Days Before They're Removed]( Most malicious emails get blocked, but the ones that get through linger around dangerously long, a new study shows. [Encryption Helps Companies Avoid Breach Notifications]( With nearly twice as many firms suffering a breach compared with the previous year, limiting the damage becomes more important, a survey finds. [Processor Morphs Its Architecture to Make Hacking Really Hard]( Researchers create a processor that uses encryption to modify its memory architecture during runtime, making it very difficult for hackers to exploit memory-based vulnerabilities. [Microsoft Buys ReFirm Labs to Drive IoT Security Efforts]( The acquisition will bring ReFirm's firmware analysis capabilities alongside Microsoft's Azure Defender for IoT to boost device security. [Is Your Adversary James Bond or Mr. Bean?]( Especially with nation-state attacks, its critical to assess whether you're up against jet fighter strength or a bumbler who tries to pick locks. [Chaos for the Sake of Chaos? Yes, Nation-States Are That Cynical]( Many nation-state-backed attacks are intended to destabilize the US government, not steal from it. [Critical Zero-Day Discovered in Fancy Product Designer WordPress Plug-in]( The plug-in under active attack has been installed on more than 17,000 websites, say researchers. [FireEye Sells Products Business to Symphony Group for $1.2B]( The transaction will include the FireEye brand name; the business that remains will be called Mandiant Solutions. [MORE NEWS & COMMENTARY]( HOT TOPICS [New Iranian Threat Actor Using Ransomware, Wipers in Destructive Attacks]( The Agrius group's focus appears to be Israel and the Middle East. [A Wrench and a Screwdriver: Critical Infrastructure's Last, Best Lines of Defense?]( Critical infrastructure's cybersecurity problems are complex, deep-rooted, and daunting. Addressing them won't be easy...but it isn't impossible. [Return to Basics: Email Security in the Post-COVID Workplace]( As we reimagine the post-pandemic workplace, we must also reevaluate post-pandemic email security practices. [MORE]( EDITORS' CHOICE [DHS Orders Pipeline Operators to Report Cyberattacks, Review Security Posture]( On the heels of the Colonial Pipeline attack, the US Department of Homeland Security aims to force a reticent industry to improve its ability to detect and respond to cybersecurity attacks. [CISO Confidence Is Rising, but Issues Remain]( New research reveals how global CISOs dealt with COVID-19 and their plans for 2022-2023. LATEST FROM THE EDGE [A View From Inside a Deception]( Pen-testing today's threat deception technology is not for the faint-hearted. Do modern deception tools truly frustrate adversaries, and are they ready for the enterprise SOC? Tech Resources - [2021 Application Security Statistics Report Vol.2]( - [The State of Endpoint Security]( - [Tech Insights: Detecting and Preventing Insider Data Leaks]( - [Stop Malicious Bots For Good: How Better Bot Management Maximizes Your ROI]( - [Assessing Cybersecurity Risk in Today's Enterprises]( - [Annual Cybercrime Report - Cybersecurity Ventures]( - [Managed Threat Detection and Response]( [ACCESS TECH LIBRARY NOW]( - [Threat Deception: Tricking Attackers for Fun and Defense]( - [Ransomware Resilience and Response Playbook]( When ransomware locks up your business's critical data and essential gear, panic can set in fast-which just makes you more vulnerable. But questions abound: is this a ransomworm that's going to spread to other endpoints? Are the attackers going to ... [MORE WEBINARS]( FEATURED REPORTS - [Tech Insights: Detecting and Preventing Insider Data Leaks]( - [Improving Security by Moving Beyond VPN]( [MORE REPORTS]( CURRENT ISSUE [2021 Top Enterprise IT Trends]( [DOWNLOAD THIS ISSUE]( [SUBSCRIBE NOW]( [BACK ISSUES]( | [MUST READS]( | [TECH DIGEST]( PRODUCTS & RELEASES [Broadcom Announces Adaptive Protection]( [IBM Selects Six School Districts to Receive a Total of $3 Million in Education Security Preparedness Grants]( [Sumo Logic Signs Definitive Agreement to Acquire Sensu to Extend Open Source Strategy]( [New Farsight Security Study Examines DNS Network Traffic Volumes For Over 300 Top Second-Level Domains During Pandemic]( [MORE PRODUCTS & RELEASES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech 303 Second St., Suite 900 South Tower, San Francisco, CA 94107 To update your profile, change your e-mail address, or unsubscribe, [click here.]( To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:customerservice_informationhub@techweb.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2021]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:customerservice_informationhub@techweb.com)