Select Page

How Microsoft Purview and Priva help simplify data protection

At Microsoft Security, we understand how challenging it is to protect your most important asset, your data, in today’s threat landscape. You’re faced with evolving challenges—from empowering employees for greater productivity to eliminating gaps in your infrastructure—all while trying to ... continue reading
Architectural diagram for project Caliptra.

Delivering consistency and transparency for cloud hardware security

This post was co-authored by Mark Russinovich, CTO and Technical Fellow, Azure, and Bryan Kelly, Partner Architect, Azure Hardware Systems and Infrastructure. When it comes to building the Microsoft Cloud, our work to standardize designs for systems, boards, racks, and ... continue reading
New “Prestige” ransomware impacts organizations in Ukraine and Poland

New “Prestige” ransomware impacts organizations in Ukraine and Poland

The Microsoft Threat Intelligence Center (MSTIC) has identified evidence of a novel ransomware campaign targeting organizations in the transportation and related logistics industries in Ukraine and Poland utilizing a previously unidentified ransomware payload. We observed this new ransomware, which labels ... continue reading

Microsoft publishes new report on holistic insider risk management

The risk landscape for organizations has changed significantly in the past few years. The amount of data captured, copied, and consumed is expected to grow to more than 180 zettabytes through 2025.1  Traditional ways of identifying and mitigating risks don’t ... continue reading
Table showing the AV-Comparatives test cases and the corresponding results for Microsoft Defender for Endpoint (rows) in the following areas (columns): LSASS dumping was possible, Extracting credentials (offline) from respective minidump file was possible, Prevention by AV module, and Detection by EDR module.

Detecting and preventing LSASS credential dumping attacks

Obtaining user operating system (OS) credentials from a targeted device is among threat actors’ primary goals when launching attacks because these credentials serve as a gateway to various objectives they can achieve in their target organization’s environment, such as lateral ... continue reading
Security practitioner authenticating access on a Surface tablet while preparing to work from home.

Cybersecurity awareness tips from Microsoft to empower your team to #BeCyberSmart

October is Cybersecurity Awareness Month, and I’m excited about what Microsoft and our partners in the industry have planned to help everyone stay #CyberSmart. 2022 may have offered some respite from the previous year’s rush to enable a remote and ... continue reading
Diagram of the attacks using Exchange vulnerabilities CVE-2022-41040 and CVE-2022-41082

Analyzing attacks using the Exchange vulnerabilities CVE-2022-41040 and CVE-2022-41082

October 1, 2022 update – Added information about Exploit:Script/ExchgProxyRequest.A, Microsoft Defender AV’s robust detection for exploit behavior related to this threat. We also removed a section on MFA as a mitigation, which was included in a prior version of this ... continue reading

How one product manager builds community at Microsoft Security

I first met Joey Cruz not long after he joined the Microsoft Identity and Network Access (IDNA) team when he helped create demos for a keynote speech I was delivering. Joey has a way of making you feel that even ... continue reading
Attack chain diagram of ZINC campaign showing steps and related activities

ZINC weaponizing open-source software

In recent months, Microsoft has detected a wide range of social engineering campaigns using weaponized legitimate open-source software by an actor we track as ZINC. Microsoft Threat Intelligence Center (MSTIC) observed activity targeting employees in organizations across multiple industries including ... continue reading

CSO perspective: Why a strong IAM strategy is key to an organization’s cybersecurity approach

The security community is continuously changing, growing, and learning from each other to better position the world against cyberthreats. In the latest post of our Community Voices blog series, Microsoft Security Senior Product Marketing Manager Brooke Lynn Weenig talks with Alissa “Dr. Jay” ... continue reading