Select Page

Microsoft Cloud Library

Articles about Microsoft Cloud

Latest news and technical articles related to cloud computing with Windows Server. We have carefully selected articles published by industry experts, featuring Microsoft’s engineering team.

Select a Topic to view articles of just that Topic. Select All to view the entire library.

Diagram of the attacks using Exchange vulnerabilities CVE-2022-41040 and CVE-2022-41082

Analyzing attacks using the Exchange vulnerabilities CVE-2022-41040 and CVE-2022-41082

October 1, 2022 update – Added information about Exploit:Script/ExchgProxyRequest.A, Microsoft Defender AV’s robust detection for exploit behavior related to this threat. We also removed a section on MFA as a mitigation, which was included in a prior version of this ... continue reading
MichaelHildebrand_0-1664556234291.png

Prepare for Cloud Service Disaster Recovery – Export Key M365 Services Configurations

Not too long ago, it was the first day of school, then it was the first NFL game and we just passed the first day of fall.  As seasons change, I am reminded of the things that I should do ... continue reading

Microsoft Entra change announcements – September 2022 train

Hello everyone,  In March 2022, we announced our simplified change management process, which allows customers to predictably plan their deployments, and in June, we introduced Microsoft Entra as our new product family that encompasses all of Microsoft’s identity and access ... continue reading
LEDBAT Background Data Transfer for Windows

LEDBAT Background Data Transfer for Windows

LEDBAT is the background data transfer product built into the Windows networking stack and recommended by the Windows Data Transport team for moving bulk data without interfering with foreground traffic. LEDBAT has a couple of advantages that make it our ... continue reading
Microsoft named IAM Company of the Year

Microsoft named IAM Company of the Year

Earlier this year, we announced our new Identity and Access product family, Microsoft Entra, which includes Azure Active Directory, Microsoft Entra Permissions Management and Microsoft Entra Verified ID. Today, we’re thrilled to announce that Frost & Sullivan has named Microsoft ... continue reading

How one product manager builds community at Microsoft Security

I first met Joey Cruz not long after he joined the Microsoft Identity and Network Access (IDNA) team when he helped create demos for a keynote speech I was delivering. Joey has a way of making you feel that even ... continue reading

CSO perspective: Why a strong IAM strategy is key to an organization’s cybersecurity approach

The security community is continuously changing, growing, and learning from each other to better position the world against cyberthreats. In the latest post of our Community Voices blog series, Microsoft Security Senior Product Marketing Manager Brooke Lynn Weenig talks with Alissa “Dr. Jay” ... continue reading
Attack chain diagram of ZINC campaign showing steps and related activities

ZINC weaponizing open-source software

In recent months, Microsoft has detected a wide range of social engineering campaigns using weaponized legitimate open-source software by an actor we track as ZINC. Microsoft Threat Intelligence Center (MSTIC) observed activity targeting employees in organizations across multiple industries including ... continue reading

Backup and restore to URL for S3-compatible object storage

Part of the SQL Server 2022 blog series.Backup and restore to simple storage service (S3)compatible object storage is a new feature introduced in SQL Server 2022 that grants the user the capability to back up or restore their databases using S3-compatible ... continue reading
Graphic showing Policy Analytics product experience. The graphic highlights the experience when clicking on the Single-rule analysis tab and when selecting a single rule to analyze.

Strengthen your security with Policy Analytics for Azure Firewall

This blog was co-authored by Gopikrishna Kannan, Principal Program Manager, Azure Networking. Network security policies are constantly evolving to keep pace with the demands of workloads. With the acceleration of workloads to the cloud, network security policies—Azure Firewall policies in ... continue reading
Figure 1 shows three panels, each of an Azure region that consists of 3 availability zones. Panel 1 shows that within each Azure region is a virtual network that contains a sing subnet. A virtual machine scale set consists of multiple virtual machines that are deployed across all three zones within the single subnet. NAT gateway is attached to the subnet from zone 1. In panel 2, zone 1 is down, which causes a loss of outbound connectivity across all three zones since all outbound connectivity goes through the zone 1 NAT gateway. Panel 3 shows that if zone 2 goes down, only outbound connectivity for virtual machines from that zone goes down. Outbound connectivity from zone 1 and 3 persists since NAT gateway is in a zone not impacted by the zone 2 outage.

Ensure zone resilient outbound connectivity with NAT gateway

Our customers—across all industries—have a critical need for highly available and resilient cloud frameworks to ensure business continuity and adaptability of ever-growing workloads. One way that customers can achieve resilient and reliable infrastructures in Microsoft Azure (for outbound connectivity) is ... continue reading
Defend your users from MFA fatigue attacks

Defend your users from MFA fatigue attacks

Protecting users from MFA fatigue attacks  With increasing adoption of strong authentication, multi-factor authentication (MFA) fatigue attacks (aka, MFA spamming) have become more prevalent. These attacks rely on the user’s ability to approve a simple voice, SMS or push notification that ... continue reading
Secure your users from social engineering attacks

Secure your users from social engineering attacks

Protecting users from MFA fatigue attacks  With increasing adoption of strong authentication, multi-factor authentication (MFA) fatigue attacks (aka, MFA spamming) have become more prevalent. These attacks rely on the user’s ability to approve a simple voice, SMS or push notification that ... continue reading

RoQC and Microsoft simplify cloud migration with Microsoft Energy Data Services

This post was co-authored by Ian Barron, Chief Technology Officer, RoQC. The vast amount of data in energy companies slows down their digital transformation. Together with RoQC solutions, Microsoft Energy Data Services will accelerate your journey in democratizing access to ... continue reading
Ingest and analyze data at scale with existing Azure services.

New Azure for Operators solution accelerator offers a fast path to network insights

5G marks an inflection point for operators. The disaggregation of software and hardware in 5G enables operators to move telecommunication workloads to public or hybrid public/private cloud infrastructures, giving them unprecedented agility and flexibility to deliver exceptional customer experiences and ... continue reading
AndrewCoughlin_1-1663847922790.png

How to determine what devices are connecting to a storage account

Have you ever wondered how to determine if any devices are still using a storage account blob, file, table, or queues? In this blog post I will talk about the process of setting up monitoring to understand if/what devices are ... continue reading
A diagram of the attack chain. It presents the flow of activity from left to right, starting with the attacker gaining access to its target tenant and leading to spam messages being sent to targets.

Malicious OAuth applications used to compromise email servers and spread spam

Microsoft researchers recently investigated an attack where malicious OAuth applications were deployed on compromised cloud tenants and then used to control Exchange servers and spread spam. The investigation revealed that the threat actor launched credential stuffing attacks against high-risk accounts ... continue reading

Azure Synapse Link for SQL

Part of the SQL Server 2022 blog series.Traditionally, data to serve analytical systems have been extracted from operational data stores using custom-built extract, transform, and load (ETL) processes. These processes are often long-running, exert pressure on the source systems, and only run ... continue reading
Engineer check and control welding robotics automatic arms machine in intelligent factory automotive industrial with monitoring system software. Digital manufacturing operation.

Future-ready IoT implementations on Microsoft Azure

IoT technologies continue to evolve in power and sophistication. Enterprises are combining cloud-to-edge solutions to connect complex environments and deliver results never before imagined. In the past eight years, Azure IoT has seen significant growth across many industry sectors, including ... continue reading

Cegal and Microsoft break down data silos and offer open collaboration with Microsoft Energy Data Services

This blog post was co-authored by Espen Knudsen, Principal Digitalization and Innovation Advisor, Cegal. The vast amount of applications and data in energy companies across isolated environments is exposing inefficiencies in collaboration. Together with Cegal Cetegra, Microsoft Energy Data Services ... continue reading
SMB authentication rate limiter now on by default in Windows Insider

SMB authentication rate limiter now on by default in Windows Insider

Heya folks, Ned here again. Back in the spring of 2022 we released a new SMB preview feature: the SMB authentication rate limiter. It is available in Windows 11 Insider and Windows Server Insider builds. IT staff often enable access to the SMB server service ... continue reading
This diagram illustrates the typical infection chain of this Android malware. The infection starts from an SMS message that contains a malicious link that leads to the malicious APK.

Rewards plus: Fake mobile banking rewards apps lure users to install info-stealing RAT on Android devices

Our analysis of a recent version of a previously reported info-stealing Android malware, delivered through an ongoing SMS campaign, demonstrates the continuous evolution of mobile threats. Masquerading as a banking rewards app, this new version has additional remote access trojan ... continue reading
Diagram explaining the threat hunting cycle.

The art and science behind Microsoft threat hunting: Part 2

We discussed Microsoft Detection and Response Team’s (DART) threat hunting principles in part 1 of The art and science behind Microsoft threat hunting blog series. In this follow-up post, we will talk about some general hunting strategies, frameworks, tools, and ... continue reading

Azure Payment HSM achieves PCI PIN certification offering customers secure digital payments solutions in the cloud

This blog post has been co-authored by Darius Ryals, General Manager of Partner Promises and Azure Chief Information Security Officer. Today we’re announcing Azure Payment HSM has achieved Payment Card Industry Personal Identification Number (PCI PIN) making Azure the first hyperscale ... continue reading

New Windows 11 security features are designed for hybrid work

Attackers are constantly evolving, becoming increasingly sophisticated and destructive—the median time for an attacker to access your private data if you fall victim to a phishing email is 1 hour, 12 minutes.1 Microsoft tracks more than 35 ransomware families and ... continue reading

PowerShell Registry Monitor

Recently, while discussing work-related topics, a co-worker asked me if there is a way of monitoring changes on a Windows registry key. I knew we can monitor files, with the System.IO.FileSystemWatcher .NET class, but never heard of registry monitoring. Well, ... continue reading
Example PBI Dashboard

Wipro and Microsoft partner on services and accelerators for the new Microsoft Energy Data Services

This blog post was co-authored by Paul Dejager, OSDU Practice Lead, Wipro. Since its first customer-ready release, the OSDU™ Data Platform has been tested and piloted within the energy industry with great success. However, customers have been awaiting an enterprise-ready ... continue reading
wernerrall_0-1661515761677.png

Create Azure Service Health Alerts for All Resource Groups

Introduction I recently had a customer requirement for creating Azure Service Health Alerts. The way access was provided in Azure, meant that only specific users had access to their respective Resource Groups. We also did not want these users to ... continue reading
Balance Performance in MsQuic and XDP

Balance Performance in MsQuic and XDP

Improving performance has always been a major goal for MsQuic. Recently, we have put in a lot of effort into getting ultra-low latency with MsQuic. We have prototyped a fully functioning XDP data path for MsQuic to bypass Windows TCP/IP ... continue reading
Preview for verified coupons with Entra Verified ID

Preview for verified coupons with Entra Verified ID

Hello! It’s been just over 30 days since Entra Verified ID became Generally Available (GA). I’m thrilled to share with you our latest update, developed by Emilia Borisova this summer: Verified Coupons (e.g., a ticket for an exclusive event).   Thanks, ... continue reading