Microsoft has unveiled a ransomware detection feature for its Azure clients. The tool will send alerts to security analysts when it detects potential ransomware activities, according to an Aug. 9 Microsoft blog post.
Five details:
- The alerts will explain to security teams what happened and on what devices or host profiles activity was detected. If the security team determines that the activity is unusual, Microsoft recommends treating the machine as potentially compromised and taking immediate actions to evade a ransomware attack.
- Microsoft recommends hospitals that have detected a potential attack isolate the machine from the network, run a full anti-malware scan, review running software to remove unwanted packages and more.
- Microsoft's new feature comes a month after the tech giant said it was planning on acquiring a cybersecurity software vendor for $500 million, Bloomberg reported July 11.
- Microsoft has encountered several cybersecurity attacks in the last year. In late 2020, hackers with ties to China used vulnerabilities in Microsoft Exchange for several months to steal call logs from a Southeast Asia telecommunication company, Cyberscoop reported Aug. 3.
- A hacker group was exploiting vulnerabilities in Microsoft's browser to deploy malware on computers, The Hacker News reported July 29. In May, hackers launched cyberattacks on 3,000 Microsoft Office email accounts representing 150 organizations. These cybersecurity incidents are among several other attacks that have been tied to using Microsoft platforms.