Microsoft Cloud Library

October 1, 2022 update – Added information about Exploit:Script/ExchgProxyRequest.A, Microsoft Defender AV’s robust detection for exploit behavior related to this threat. We also removed a section on MFA as a mitigation, which was included in a prior version of this ... continue reading

Not too long ago, it was the first day of school, then it was the first NFL game and we just passed the first day of fall.  As seasons change, I am reminded of the things that I should do ... continue reading

Hello everyone,  In March 2022, we announced our simplified change management process, which allows customers to predictably plan their deployments, and in June, we introduced Microsoft Entra as our new product family that encompasses all of Microsoft’s identity and access ... continue reading

LEDBAT is the background data transfer product built into the Windows networking stack and recommended by the Windows Data Transport team for moving bulk data without interfering with foreground traffic. LEDBAT has a couple of advantages that make it our ... continue reading

Earlier this year, we announced our new Identity and Access product family, Microsoft Entra, which includes Azure Active Directory, Microsoft Entra Permissions Management and Microsoft Entra Verified ID. Today, we’re thrilled to announce that Frost & Sullivan has named Microsoft ... continue reading

I first met Joey Cruz not long after he joined the Microsoft Identity and Network Access (IDNA) team when he helped create demos for a keynote speech I was delivering. Joey has a way of making you feel that even ... continue reading

The security community is continuously changing, growing, and learning from each other to better position the world against cyberthreats. In the latest post of our Community Voices blog series, Microsoft Security Senior Product Marketing Manager Brooke Lynn Weenig talks with Alissa “Dr. Jay” ... continue reading

In recent months, Microsoft has detected a wide range of social engineering campaigns using weaponized legitimate open-source software by an actor we track as ZINC. Microsoft Threat Intelligence Center (MSTIC) observed activity targeting employees in organizations across multiple industries including ... continue reading

Part of the SQL Server 2022 blog series.Backup and restore to simple storage service (S3)compatible object storage is a new feature introduced in SQL Server 2022 that grants the user the capability to back up or restore their databases using S3-compatible ... continue reading

This blog was co-authored by Gopikrishna Kannan, Principal Program Manager, Azure Networking. Network security policies are constantly evolving to keep pace with the demands of workloads. With the acceleration of workloads to the cloud, network security policies—Azure Firewall policies in ... continue reading

Our customers—across all industries—have a critical need for highly available and resilient cloud frameworks to ensure business continuity and adaptability of ever-growing workloads. One way that customers can achieve resilient and reliable infrastructures in Microsoft Azure (for outbound connectivity) is ... continue reading

Protecting users from MFA fatigue attacks  With increasing adoption of strong authentication, multi-factor authentication (MFA) fatigue attacks (aka, MFA spamming) have become more prevalent. These attacks rely on the user’s ability to approve a simple voice, SMS or push notification that ... continue reading

Protecting users from MFA fatigue attacks  With increasing adoption of strong authentication, multi-factor authentication (MFA) fatigue attacks (aka, MFA spamming) have become more prevalent. These attacks rely on the user’s ability to approve a simple voice, SMS or push notification that ... continue reading

This post was co-authored by Ian Barron, Chief Technology Officer, RoQC. The vast amount of data in energy companies slows down their digital transformation. Together with RoQC solutions, Microsoft Energy Data Services will accelerate your journey in democratizing access to ... continue reading

5G marks an inflection point for operators. The disaggregation of software and hardware in 5G enables operators to move telecommunication workloads to public or hybrid public/private cloud infrastructures, giving them unprecedented agility and flexibility to deliver exceptional customer experiences and ... continue reading

Have you ever wondered how to determine if any devices are still using a storage account blob, file, table, or queues? In this blog post I will talk about the process of setting up monitoring to understand if/what devices are ... continue reading

Microsoft researchers recently investigated an attack where malicious OAuth applications were deployed on compromised cloud tenants and then used to control Exchange servers and spread spam. The investigation revealed that the threat actor launched credential stuffing attacks against high-risk accounts ... continue reading

Part of the SQL Server 2022 blog series.Traditionally, data to serve analytical systems have been extracted from operational data stores using custom-built extract, transform, and load (ETL) processes. These processes are often long-running, exert pressure on the source systems, and only run ... continue reading

IoT technologies continue to evolve in power and sophistication. Enterprises are combining cloud-to-edge solutions to connect complex environments and deliver results never before imagined. In the past eight years, Azure IoT has seen significant growth across many industry sectors, including ... continue reading

This blog post was co-authored by Espen Knudsen, Principal Digitalization and Innovation Advisor, Cegal. The vast amount of applications and data in energy companies across isolated environments is exposing inefficiencies in collaboration. Together with Cegal Cetegra, Microsoft Energy Data Services ... continue reading

Heya folks, Ned here again. Back in the spring of 2022 we released a new SMB preview feature: the SMB authentication rate limiter. It is available in Windows 11 Insider and Windows Server Insider builds. IT staff often enable access to the SMB server service ... continue reading

Our analysis of a recent version of a previously reported info-stealing Android malware, delivered through an ongoing SMS campaign, demonstrates the continuous evolution of mobile threats. Masquerading as a banking rewards app, this new version has additional remote access trojan ... continue reading

We discussed Microsoft Detection and Response Team’s (DART) threat hunting principles in part 1 of The art and science behind Microsoft threat hunting blog series. In this follow-up post, we will talk about some general hunting strategies, frameworks, tools, and ... continue reading

This blog post has been co-authored by Darius Ryals, General Manager of Partner Promises and Azure Chief Information Security Officer. Today we’re announcing Azure Payment HSM has achieved Payment Card Industry Personal Identification Number (PCI PIN) making Azure the first hyperscale ... continue reading

Attackers are constantly evolving, becoming increasingly sophisticated and destructive—the median time for an attacker to access your private data if you fall victim to a phishing email is 1 hour, 12 minutes.1 Microsoft tracks more than 35 ransomware families and ... continue reading

Recently, while discussing work-related topics, a co-worker asked me if there is a way of monitoring changes on a Windows registry key. I knew we can monitor files, with the System.IO.FileSystemWatcher .NET class, but never heard of registry monitoring. Well, ... continue reading

This blog post was co-authored by Paul Dejager, OSDU Practice Lead, Wipro. Since its first customer-ready release, the OSDU™ Data Platform has been tested and piloted within the energy industry with great success. However, customers have been awaiting an enterprise-ready ... continue reading

Introduction I recently had a customer requirement for creating Azure Service Health Alerts. The way access was provided in Azure, meant that only specific users had access to their respective Resource Groups. We also did not want these users to ... continue reading

Improving performance has always been a major goal for MsQuic. Recently, we have put in a lot of effort into getting ultra-low latency with MsQuic. We have prototyped a fully functioning XDP data path for MsQuic to bypass Windows TCP/IP ... continue reading

Hello! It’s been just over 30 days since Entra Verified ID became Generally Available (GA). I’m thrilled to share with you our latest update, developed by Emilia Borisova this summer: Verified Coupons (e.g., a ticket for an exclusive event).   Thanks, ... continue reading