Select Page
Diagram showing the multi-phase phishing attack chain

Evolved phishing: Device registration trick adds to phishers’ toolbox for victims without MFA

We have recently uncovered a large-scale, multi-phase campaign that adds a novel technique to traditional phishing tactics by joining an attacker-operated device to an organization’s network to further propagate the campaign. We observed that the second stage of the campaign ... continue reading
The Azure Stack HCI Playlist

The Azure Stack HCI Playlist

Are you planning to design, deploy, manage an Azure Hybrid solution? Then you are happy to hear that we have created an Azure Stack HCI video playlist. This Azure Stack HCI playlist will give you access to the tutorials, best ... continue reading
A line chart showing the number of D D o S attacks from July 2021 to January 2022.

Azure DDoS Protection—2021 Q3 and Q4 DDoS attack trends

This blog post was co-authored by Anupam Vij, Principal PM Manager, and Syed Pasha, Principal Network Engineer, Azure Networking In the second half of 2021, the world experienced an unprecedented level of Distributed Denial-of-Service (DDoS) activity in both complexity and ... continue reading

Achieving Zero Trust readiness in your apps #2: Designing for Least Privilege

Hello again! I’m Jeff Sakowicz, Principal Program Management Lead for Application Platform Security within the Microsoft Identity team. Our team’s goal is to foster a secure, trustworthy, and thriving app ecosystem. Part of achieving this goal is enabling apps to ... continue reading

Align your security and network teams to Zero Trust security demands

The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest Voice of the Community blog series post, Microsoft Security Product Marketing Manager Natalia Godyla talks with Jennifer ... continue reading
1.jpg

Forward On-Premises Windows Security Event Logs to Microsoft Sentinel

Hello, It has been a while since Raven, and I have blogged on security. My little buddy Raven (miniature Schnauzer) has been dealing with genetic back problems that have made it difficult to run or jump, so her days of ... continue reading

Your guide to mobile digital forensics

The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest Voice of the Community blog series post, Microsoft Security Product Marketing Manager Natalia Godyla talks with Cellebrite ... continue reading
Simplify your identity provisioning with these new Azure AD capabilities

Simplify your identity provisioning with these new Azure AD capabilities

With the continued evolution and adoption of hybrid work, we know how critical a strong identity and governance control plane is for IT scalability and a seamless user experience. Today, we are excited to share new Azure Active Directory (Azure ... continue reading

Best practices for AI security risk management

Today, we are releasing an AI security risk assessment framework as a step to empower organizations to reliably audit, track, and improve the security of the AI systems. In addition, we are providing new updates to Counterfit, our open-source tool ... continue reading
Homepage of the Vulnerable and Malicious Driver Reporting Center.

Improve kernel security with the new Microsoft Vulnerable and Malicious Driver Reporting Center

Windows 10 and Windows 11 have continued to raise the security bar for drivers running in the kernel. Kernel-mode driver publishers must pass the Hardware Lab Kit (HLK) compatibility tests, malware scanning, and prove their identity through extended validation (EV) ... continue reading