Security

Technical articles from Microsoft’s official blogs, with in-depth discussions of security, cybersecurity, and technology trends affecting trust in computing. This includes timely security news, trends, and best practices.

6 insights from Microsoft’s 2024 state of multicloud risk report to evolve your security strategy

Multicloud computing has become the foundation for digital businesses, with 86% of organizations having already adopted a multicloud approach.1 However, for all its benefits around increased agility, flexibility, and choice, we also see unique challenges with multicloud—including the need to manage security, identity, and compliance across different cloud service providers (CSPs), ensure data portability, and […]

Moonstone Sleet emerges as new North Korean threat actor with new bag of tricks

Microsoft has identified a new North Korean threat actor, now tracked as Moonstone Sleet (formerly Storm-1789), that combines many tried-and-true techniques used by other North Korean threat actors with unique attack methodologies to target companies for its financial and cyberespionage objectives. Moonstone Sleet is observed to set up fake companies and

Best Practices to Manage and Mitigate Security Recommendations

In the fast-evolving landscape of cloud security, Microsoft Defender for Cloud (MDC) stands as a robust Cloud Native Application Protection Platform (CNAPP). One of its standout features is the premium Cloud Security Posture Management (CSPM) solution, known as Defender CSPM. Among the myriad advanced capabilities offered by Defender CSPM, the “Governance Rule” feature is

Configuring archive period for tables at Mass for Data Retention within Log Analytics Workspace

How does this Blog help in Configuring archive period for tables at Mass for Data Retention in Log Analytics Workspace: Simplified Data Archival: Implementing archival within Log Analytics Workspace provides a straightforward and integrated solution for retaining log data over extended periods. This ensures compliance with regulatory requirements, making it easier for organizations to meet

Cyber Signals: Inside the growing risk of gift card fraud

In the ever-evolving landscape of cyberthreats, staying ahead of malicious actors is a constant challenge. Microsoft Threat Intelligence has observed that gift cards are attractive targets for fraud and social engineering practices. Unlike credit or debit cards, there’s no customer name or bank account attached to them, which can lessen scrutiny of their potentially suspicious

Accelerate cloud security risk remediation with Microsoft Copilot for Security

As cloud environments experience rapid expansion, evolution, and increasing complexity, security teams face a significant and growing challenge in identifying, assessing, and remediating cloud security risks across multicloud environments and developer pipelines. With Copilot in Defender for Cloud, security teams can efficiently identify critical risks across their multicloud environments and developer pipelines and streamline remediation

New Windows 11 features strengthen security to address evolving cyberthreat landscape

Ahead of the Microsoft Build 2024 conference, we announced a new class of Windows computers, Copilot+ PC. Alongside this exciting new class of PCs, we are introducing important security features and updates that make Windows 11 more secure for users and organizations and give developers the tools to prioritize security. Today’s threat landscape is unlike

Threat actors misusing Quick Assist in social engineering attacks leading to ransomware

Since mid-April 2024, Microsoft Threat Intelligence has observed the threat actor Storm-1811 misusing the client management tool Quick Assist to target users in social engineering attacks. Storm-1811 is a financially motivated cybercriminal group known to deploy Black Basta ransomware. The observed activity begins with impersonation through voice phishing (vishing), followed by delivery of malicious tools,

Securing your API Management service from day one with Defender for APIs

We are excited to announce that you can now secure your Azure API Management (APIM) managed APIs from day one with Defender for APIs. This allows you to enable security as soon as you create your APIM service within the Azure portal. This means that security for APIs is no longer an afterthought and

PART 3 – Ingesting AWS GovCloud Microsoft Sentinel in Azure Commercial

In the first part of this series, “Ingesting Non-Microsoft Cloud Security Data into Microsoft Sentinel for Government & DIB Customers,” we looked into the compliance levels of the clouds and the architecture of the AWS connector. In part 2, “Ingesting Non-Microsoft Cloud Security Data into Microsoft Sentinel for Gov & DIB customers part 2,” we