Technical articles from Microsoft’s official blogs of in-depth discussions of security, cybersecurity and technology trends affecting trust in computing. This includes timely security news, trends, and best practices.
Buenos días and welcome to número tres in the holiday ’23 series. This one is sure to please the crowd – it’s the NEW AND IMPROVED easy to setup/deploy/use solution for when IT Ops/Support needs a local admin ID and password to perform some management task(s) on a Windows endpoint. As many people know, we …
The Twelve Days of Blog-mas: No.3 – Windows Local Admin Password Solution (LAPS) Continue Reading
Adversary-in-the-Middle (AiTM) phishing attacks represent an emerging and concerning trend, surpassing conventional phishing methods in their sophistication. These attacks possess the capability to maneuver around the security measures of multifactor authentication (MFA) by leveraging reverse-proxy functionality. One prominent actor, identified as DEV-1101 and tracked by Microsoft, stands responsible for the development, facilitation, and promotion of …
Hi folks – welcome to the second post in the holiday ’23 series. Today’s post is about a capability that came to preview long ago but recently surprised much of the world and moved to General Availability (GA). This allows you to sign-in to a Windows PC itself via the familiar web sign in form/pop-up dialog …
The Twelve Days of Blog-mas: No.2 – Windows Web Sign in and Passwordless Continue Reading
Cloud cybersecurity is of paramount importance in today’s digital landscape, as organizations increasingly rely on cloud services to store and manage sensitive data, applications, and infrastructure. Attacks on cloud infrastructure pose severe risks to organizations such as data theft, ransomware attacks, crypto mining attacks, and service disruption. During a cyber-attack, after gaining initial access to …
Defender for cloud’s Agentless secret scanning for virtual machines is now generally available! Continue Reading
In this article Microsoft Global Network Default Public Access Service Endpoints Private Link Internet Routing Preference Azure Services and the solutions you deploy into Azure are connected to the Microsoft global wide-area network also known as the Microsoft Global Network or the Azure Backbone. There are a few different ways to connect to an Azure …
Connecting to Azure Services on the Microsoft Global Network Continue Reading
Happy Holidays folks! I had a wild-hair idea to write one short blog post, per day, for 12 days along the theme of the “Twelve Days of Christmas” song. I made the mistake of mentioning the idea to one Arnab Mitra – yes, THAT Arnab Mitra. Don’t let the smile fool you – he twisted …
The Twelve Days of Blog-mas: No.1 – A Creative Use for Intune Remediations Continue Reading
If you are looking for a way to onboard Microsoft Defender for Cloud (MDC) with Terraform, you are in luck! In this blog post, we will introduce you to a new Terraform module that simplifies and enhances the onboarding experience for MDC in Azure. This module allows you to configure MDC plans for your Azure …
Simplifying Onboarding to Microsoft Defender for Cloud with Terraform Continue Reading
Introduction In cloud security domain, we often need to monitor entities – such as users, IP addresses, applications, or access tokens – and their patterns of behavior. We might want to detect ‘novelties’ – unexpected and previously unseen values of these entities – which can indicate security issues. Some examples of such scenarios are: IP …
Effective novelty detection in cloud security domain Continue Reading
Microsoft Threat Intelligence has uncovered a supply chain attack by the North Korea-based threat actor Diamond Sleet (ZINC) involving a malicious variant of an application developed by CyberLink Corp., a software company that develops multimedia software products. This malicious file is a legitimate CyberLink application installer that has been modified to include malicious code that …
Diamond Sleet supply chain compromise distributes a modified CyberLink installer Continue Reading
Microsoft Defender for Cloud is a multicloud application protection platform (CNAPP) designed to protect your cloud-based applications from code-to-cloud. A key component of cloud security is continuously monitoring and managing new vulnerabilities across your cloud workloads. Vulnerability management helps organizations improve their security posture, reduce the attack surface, and prevent security breaches. We are thrilled …
Defender for Cloud unified Vulnerability Assessment powered by Defender Vulnerability Management Continue Reading
