Google Cloud Adds Curated Detection to Chronicle
The curated detection feature for Chronicle SecOps Suite provides security teams with actionable insights on cloud threats and Windows-based attacks from Google Cloud Threat Intelligence Team.
Microsoft software and cloud platforms underpin enterprise systems, so vulnerabilities and security advisories can affect identity, data, and operations.
Search across headline titles and summaries.
Background for this topic.
Microsoft is a technology company whose Windows, Microsoft 365, Azure, identity services, and developer tools form a widely deployed enterprise computing ecosystem. Its security relevance spans endpoint and server software, cloud control planes, authentication, collaboration data, and the update mechanisms used to maintain them.
Security news under this tag commonly concerns vulnerabilities requiring patching, exploits against exposed services, identity or token compromise, and misconfiguration of cloud permissions or authentication policies. Practitioners should verify affected versions and exposure, apply updates or mitigations, enforce multifactor authentication and least privilege, and monitor relevant audit logs. Incidents involving Microsoft-hosted identities or data may require rapid session and credential containment, investigation across cloud and on-premises systems, and assessment of privacy or regulatory obligations.
The curated detection feature for Chronicle SecOps Suite provides security teams with actionable insights on cloud threats and Windows-based attacks from Google Cloud Threat Intelligence Team.
The tamper protection feature detects attempts to modify files and processes for Microsoft Defender for Endpoints on macOS.
"Seaborgium" is a highly persistent threat actor that has been targeting organizations and individuals of likely interest to the Russian government since at least 2017, company says.
The security flaw tracked as CVE-2022-30216 could allow attackers to perform server spoofing or trigger authentication coercion on the victim.
The most heavily targeted flaw last quarter was a remote code execution vulnerability in Microsoft Office that was disclosed and patched four years ago.