Architectural diagram displaying CyberMDX integrating with Microsoft Defender for Endpoint.

CyberMDX and Microsoft: Protecting life-saving medical devices

This blog post is part of the Microsoft Intelligent Security Association (MISA) guest blog series. Learn more about MISA. While hospitals continue to battle the COVID-19 pandemic, many are battling other “viruses” behind the scenes. Malware, ransomware, and phishing attacks against healthcare delivery ... continue reading
Screen view of security recommendations for network devices and the suggested remediation procedure. Here network device 3 has critical CVEs.

Secure unmanaged devices with Microsoft Defender for Endpoint now

As we have entered into new hybrid work environments, businesses need to think about how they will proactively protect their organizations from the influx of new or “bring your own” (BYO) connected devices. This new normal has exposed the most ... continue reading
Hierarchy of IoT Edge devices to extract data from the automation pyramid

Build secure manufacturing operations with nesting capabilities for Azure IoT Edge

The manufacturing industry continues to rapidly adopt Internet of Things (IoT) technology to optimize productivity, gain efficiencies, increase uptime, and meet sustainability goals. As organizations look to harness IoT across their ecosystems of connected devices, security and compliance continue to ... continue reading
Investigating a unique “form” of email delivery for IcedID malware

Microsoft threat analysts have been tracking activity where contact forms published on websites are abused to deliver malicious links to enterprises using emails with fake legal threats. The emails instruct recipients to click a link to review supposed evidence behind ... continue reading
The threat matrix for cloud-based Storage services. The matrix consists of the various attack techniques that pose threats to Storage resources.

Threat matrix for storage

The move to cloud is happening faster than ever before and organizations are increasing their dependency on cloud storage services. In fact, Microsoft Azure Storage services are one of the most popular services in the cloud. Companies need effective threat ... continue reading
Gamifying machine learning for stronger security and AI models

To stay ahead of adversaries, who show no restraint in adopting tools and techniques that can help them attain their goals, Microsoft continues to harness AI and machine learning to solve security challenges. One area we’ve been experimenting on is ... continue reading
Microsoft Defender for Endpoint now supports Windows 10 on Arm devices

Today, we are excited to announce that Microsoft Defender for Endpoint support of Windows 10 on Arm devices is generally available. This expanded support is part of our continued efforts to extend Microsoft Defender for Endpoint capabilities across all the ... continue reading
Attack diagram showing stages of an attack and how the threat actor tracking model caught the initial stages so the affected organization could stop the attack

Automating threat actor tracking: Understanding attacker behavior for intelligence and contextual alerting

As seen in recent sophisticated cyberattacks, especially human-operated campaigns, it’s critical to not only detect an attack as early as possible but also to rapidly determine the scope of the compromise and predict how it will progress. How an attack ... continue reading
Analyzing attacks taking advantage of the Exchange Server vulnerabilities

Microsoft continues to monitor and investigate attacks exploiting the recent on-premises Exchange Server vulnerabilities. These attacks are now performed by multiple threat actors ranging from financially motivated cybercriminals to state-sponsored groups. To help customers who are not able to immediately ... continue reading
The threat matrix to Kubernetes. The matrix consists of the various attacking techniques that target Kubernetes.

Secure containerized environments with updated threat matrix for Kubernetes

Last April, we released the first version of the threat matrix for Kubernetes. It was the first attempt to systematically map the threat landscape of Kubernetes. As we described in the previous post, we chose to adapt the structure of ... continue reading