Select Page
Table showing differences between phishing kits and phishing-as-a-service

Catching the big fish: Analyzing a large-scale phishing-as-a-service operation

In researching phishing attacks, we came across a campaign that used a rather high volume of newly created and unique subdomains—over 300,000 in a single run. This investigation led us down a rabbit hole as we unearthed one of the ... continue reading
Number of DDoS attacks

Azure DDoS Protection—2021 Q1 and Q2 DDoS attack trends

This blog post was co-authored by Amir Dahan, Senior Program Manager, Anupam Vij, Principal Program Manager, Skye Zhu, Data and Applied Scientist 2, and Syed Pasha, Principal Network Engineer, Azure Networking. In our 2020 retrospective, we highlighted shifts in the ... continue reading
World map showing global distribution of Phorpiex botnet ativity

Phorpiex morphs: How a longstanding botnet persists and thrives in the current threat environment

Phorpiex, an enduring botnet known for extortion campaigns and for using old-fashioned worms that spread via removable USB drives and instant messaging apps, began diversifying its infrastructure in recent years to become more resilient and to deliver more dangerous payloads ... continue reading
Screenshot of a Microsoft Defender for Endpoint alert in the security center about a CoinMiner that was blocked.

Defending against cryptojacking with Microsoft Defender for Endpoint and Intel TDT

Cryptocurrency mining—once considered no more than a nuisance, a relatively benign activity that was a drain on machine resources—has been on the rise in recent years. This increase in cryptocurrency mining activity is driven by the increasing value of cryptocurrencies ... continue reading

Decentralized digital identities and blockchain: The future as we see it

First published on February 12, 2018 Howdy folks, I hope you’ll find today’s post as interesting as I do. It’s a bit of brain candy and outlines an exciting vision for the future of digital identities. Over the last 12 ... continue reading
PassTests.gif

Have Your Company's Systems Passed All Security Tests?

Dear IT Pros, Happy Holiday and Merry Christmas! I would like to make this article more fluid and less dry, with the hope that not all my blog articles’ contents are too serious and too long to read. Let me ... continue reading
PassTests.gif

Have Your Company's Systems Passed All the Security Tests?

Dear IT Pros, Happy Holiday and Merry Christmas! I would like to make this article more fluid and less dry, with the hope that not all my blog articles’ contents are too serious and too long to read. Let me ... continue reading
DBada_0-1591745277270.png

Building trust into digital experiences with decentralized identities (DID)

Howdy folks, I have previously discussed how open standards help accelerate innovation. Today, I’d like to highlight some really significant progress in two important open standards efforts: Verifiable Credentials and Decentralized Identifiers. We view these two standards as being key ... continue reading
Wadhrama PARINACOTA attack chain

Human-operated ransomware attacks: A preventable disaster

Human-operated ransomware campaigns pose a significant and growing threat to businesses and represent one of the most impactful trends in cyberattacks today. In these hands-on-keyboard attacks, which are different from auto-spreading ransomware like WannaCry or NotPetya, adversaries employ credential theft ... continue reading
Joy Chik speaking at the European Identity and Cloud Conference in Munich, Germany

Decentralized identity and the path to digital privacy

Security is the central challenge of the digital age. Our digital lives have moved into the cloud. People now use multiple devices to connect to multiple applications through many different networks. Just about everything is connected to the internet, where ... continue reading